cbcvebase.
CVE-2012-4357
published 2012-08-19

CVE-2012-4357: Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code…

PriorityP357critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
7.35%
93.6th percentile
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.

Affected

54 ranges· showing 25
VendorProductVersion rangeFixed in
sielcosistemiwinlog_lite<= 2.07.16
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite
sielcosistemiwinlog_lite

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.