cbcvebase.
CVE-2012-4355
published 2012-08-19

CVE-2012-4355: TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a…

PriorityP357critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
8.19%
94.2th percentile
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354.

Affected

56 ranges· showing 25
VendorProductVersion rangeFixed in
sielcosistemiwinlog_lite<= 2.07.17
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.