CVE-2012-4358
published 2012-08-19

CVE-2012-4358: Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows…

Priority: P336 · critical · 9.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS: 2.52% (82.9th percentile)
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode.

Affected

58 ranges · showing 25

Vendor         Product      Version range  Fixed in
sielcosistemi  winlog_lite  <= 2.07.16
sielcosistemi  winlog_lite  <= 2.07.17
sielcosistemi  winlog_lite