Lucene search

K
cve[email protected]CVE-2012-4354
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4354

2022-10-0316:15:34
CWE-189
web.nvd.nist.gov
28
cve-2012-4354
sielco sistemi winlog pro
winlog lite scada
buffer overflow
remote code execution
tcpips_story.dll
nvd
security vulnerability
scada

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.024 Low

EPSS

Percentile

89.9%

TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD
Node
sielcosistemiwinlog_proRange2.07.16
OR
sielcosistemiwinlog_proMatch2.06.00
OR
sielcosistemiwinlog_proMatch2.06.03
OR
sielcosistemiwinlog_proMatch2.06.04
OR
sielcosistemiwinlog_proMatch2.06.06
OR
sielcosistemiwinlog_proMatch2.06.09
OR
sielcosistemiwinlog_proMatch2.06.10
OR
sielcosistemiwinlog_proMatch2.06.12
OR
sielcosistemiwinlog_proMatch2.06.13
OR
sielcosistemiwinlog_proMatch2.06.14
OR
sielcosistemiwinlog_proMatch2.06.18
OR
sielcosistemiwinlog_proMatch2.06.21
OR
sielcosistemiwinlog_proMatch2.06.24
OR
sielcosistemiwinlog_proMatch2.06.25
OR
sielcosistemiwinlog_proMatch2.06.28
OR
sielcosistemiwinlog_proMatch2.06.40
OR
sielcosistemiwinlog_proMatch2.06.46
OR
sielcosistemiwinlog_proMatch2.06.50
OR
sielcosistemiwinlog_proMatch2.06.60
OR
sielcosistemiwinlog_proMatch2.06.73
OR
sielcosistemiwinlog_proMatch2.06.86
OR
sielcosistemiwinlog_proMatch2.07.00
OR
sielcosistemiwinlog_proMatch2.07.01
OR
sielcosistemiwinlog_proMatch2.07.08
OR
sielcosistemiwinlog_proMatch2.07.09
OR
sielcosistemiwinlog_proMatch2.07.11
OR
sielcosistemiwinlog_proMatch2.07.14
Node
sielcosistemiwinlog_liteRange2.07.16
OR
sielcosistemiwinlog_liteMatch2.06.00
OR
sielcosistemiwinlog_liteMatch2.06.03
OR
sielcosistemiwinlog_liteMatch2.06.04
OR
sielcosistemiwinlog_liteMatch2.06.06
OR
sielcosistemiwinlog_liteMatch2.06.09
OR
sielcosistemiwinlog_liteMatch2.06.10
OR
sielcosistemiwinlog_liteMatch2.06.12
OR
sielcosistemiwinlog_liteMatch2.06.13
OR
sielcosistemiwinlog_liteMatch2.06.14
OR
sielcosistemiwinlog_liteMatch2.06.18
OR
sielcosistemiwinlog_liteMatch2.06.21
OR
sielcosistemiwinlog_liteMatch2.06.24
OR
sielcosistemiwinlog_liteMatch2.06.25
OR
sielcosistemiwinlog_liteMatch2.06.28
OR
sielcosistemiwinlog_liteMatch2.06.40
OR
sielcosistemiwinlog_liteMatch2.06.46
OR
sielcosistemiwinlog_liteMatch2.06.50
OR
sielcosistemiwinlog_liteMatch2.06.60
OR
sielcosistemiwinlog_liteMatch2.06.73
OR
sielcosistemiwinlog_liteMatch2.06.86
OR
sielcosistemiwinlog_liteMatch2.07.00
OR
sielcosistemiwinlog_liteMatch2.07.01
OR
sielcosistemiwinlog_liteMatch2.07.08
OR
sielcosistemiwinlog_liteMatch2.07.09
OR
sielcosistemiwinlog_liteMatch2.07.11
OR
sielcosistemiwinlog_liteMatch2.07.14

7.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.024 Low

EPSS

Percentile

89.9%