Lucene search

K
cve[email protected]CVE-2012-4357
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4357

2022-10-0316:15:34
CWE-20
web.nvd.nist.gov
20
cve-2012-4357
sielco sistemi
winlog pro
winlog lite
scada
remote code execution
security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

84.0%

Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.

Affected configurations

NVD
Node
sielcosistemiwinlog_proRange2.07.16
OR
sielcosistemiwinlog_proMatch2.06.00
OR
sielcosistemiwinlog_proMatch2.06.03
OR
sielcosistemiwinlog_proMatch2.06.04
OR
sielcosistemiwinlog_proMatch2.06.06
OR
sielcosistemiwinlog_proMatch2.06.09
OR
sielcosistemiwinlog_proMatch2.06.10
OR
sielcosistemiwinlog_proMatch2.06.12
OR
sielcosistemiwinlog_proMatch2.06.13
OR
sielcosistemiwinlog_proMatch2.06.14
OR
sielcosistemiwinlog_proMatch2.06.18
OR
sielcosistemiwinlog_proMatch2.06.21
OR
sielcosistemiwinlog_proMatch2.06.24
OR
sielcosistemiwinlog_proMatch2.06.25
OR
sielcosistemiwinlog_proMatch2.06.28
OR
sielcosistemiwinlog_proMatch2.06.40
OR
sielcosistemiwinlog_proMatch2.06.46
OR
sielcosistemiwinlog_proMatch2.06.50
OR
sielcosistemiwinlog_proMatch2.06.60
OR
sielcosistemiwinlog_proMatch2.06.73
OR
sielcosistemiwinlog_proMatch2.06.86
OR
sielcosistemiwinlog_proMatch2.07.00
OR
sielcosistemiwinlog_proMatch2.07.01
OR
sielcosistemiwinlog_proMatch2.07.08
OR
sielcosistemiwinlog_proMatch2.07.09
OR
sielcosistemiwinlog_proMatch2.07.11
OR
sielcosistemiwinlog_proMatch2.07.14
Node
sielcosistemiwinlog_liteRange2.07.16
OR
sielcosistemiwinlog_liteMatch2.06.00
OR
sielcosistemiwinlog_liteMatch2.06.03
OR
sielcosistemiwinlog_liteMatch2.06.04
OR
sielcosistemiwinlog_liteMatch2.06.06
OR
sielcosistemiwinlog_liteMatch2.06.09
OR
sielcosistemiwinlog_liteMatch2.06.10
OR
sielcosistemiwinlog_liteMatch2.06.12
OR
sielcosistemiwinlog_liteMatch2.06.13
OR
sielcosistemiwinlog_liteMatch2.06.14
OR
sielcosistemiwinlog_liteMatch2.06.18
OR
sielcosistemiwinlog_liteMatch2.06.21
OR
sielcosistemiwinlog_liteMatch2.06.24
OR
sielcosistemiwinlog_liteMatch2.06.25
OR
sielcosistemiwinlog_liteMatch2.06.28
OR
sielcosistemiwinlog_liteMatch2.06.40
OR
sielcosistemiwinlog_liteMatch2.06.46
OR
sielcosistemiwinlog_liteMatch2.06.50
OR
sielcosistemiwinlog_liteMatch2.06.60
OR
sielcosistemiwinlog_liteMatch2.06.73
OR
sielcosistemiwinlog_liteMatch2.06.86
OR
sielcosistemiwinlog_liteMatch2.07.00
OR
sielcosistemiwinlog_liteMatch2.07.01
OR
sielcosistemiwinlog_liteMatch2.07.08
OR
sielcosistemiwinlog_liteMatch2.07.09
OR
sielcosistemiwinlog_liteMatch2.07.11
OR
sielcosistemiwinlog_liteMatch2.07.14

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

84.0%

Related for CVE-2012-4357