cbcvebase.

Sielcosistemi Winlog Pro vulnerabilities

11 known vulnerabilities affecting sielcosistemi/winlog_pro.

Total CVEs
11
CISA KEV
0
Public exploits
7
Exploited in wild
0
Severity breakdown
CRITICAL9HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2011-0517P2CRITICALCVSS 9.3PoC≤ 2.07.002011-01-20
CVE-2011-0517 [CRITICAL] CWE-119 CVE-2011-0517: Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.
nvd
CVE-2012-3815P2CRITICALCVSS 9.3PoC≤ 2.07.14v2.06.00+24 more2012-06-27
CVE-2012-3815 [CRITICAL] CWE-119 CVE-2012-3815: Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCA Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
nvd
CVE-2012-4353P2CRITICALCVSS 9.3PoC≤ 2.07.16v2.06.00+25 more2012-08-19
CVE-2012-4353 [CRITICAL] CVE-2012-4353: Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Win Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of
nvd
CVE-2012-4355P3CRITICALCVSS 9.3PoC≤ 2.07.17v2.06.00+26 more2012-08-19
CVE-2012-4355 [CRITICAL] CVE-2012-4355: TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07 TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained f
nvd
CVE-2012-4357P3CRITICALCVSS 9.3PoC≤ 2.07.16v2.06.00+25 more2012-08-19
CVE-2012-4357 [CRITICAL] CWE-20 CVE-2012-4357: Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.0 Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.
nvd
CVE-2012-4354P3CRITICALCVSS 9.3PoC≤ 2.07.16v2.06.00+25 more2012-08-19
CVE-2012-4354 [CRITICAL] CWE-189 CVE-2012-4354: TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07 TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are ob
nvd
CVE-2012-4356P3MEDIUMCVSS 4.3PoC≤ 2.07.16v2.06.00+25 more2012-08-19
CVE-2012-4356 [MEDIUM] CWE-22 CVE-2012-4356: Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and W Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97
nvd
CVE-2011-4037P3CRITICALCVSS 9.3≤ 2.07.08v2.06.00+21 more2011-12-22
CVE-2011-4037 [CRITICAL] CWE-119 CVE-2011-4037: Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows us Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file.
nvd
CVE-2012-4358P3CRITICALCVSS 9.3≤ 2.07.16v2.06.00+25 more2012-08-19
CVE-2012-4358 [CRITICAL] CWE-20 CVE-2012-4358: Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer af
nvd
CVE-2012-4359P3CRITICALCVSS 9.3≤ 2.07.17v2.06.00+26 more2012-08-19
CVE-2012-4359 [CRITICAL] CVE-2012-4359: Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted negative integer after the
nvd
CVE-2017-5161P4HIGHCVSS 7.2≤ 3.01.102017-02-13
CVE-2017-5161 [HIGH] CWE-427 CVE-2017-5161: An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02 An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same leve
nvd
Sielcosistemi Winlog Pro vulnerabilities | cvebase