Sielco Sistemi Winlog < 2.07.18 Multiple Vulnerabilities

Critical Nessus Plugin ID 61494


A SCADA application on the remote host is affected by multiple vulnerabilities.


The remote host has a version of Sielco Sistemi Winlog prior to 2.07.18 that is affected by the following vulnerabilities:

- A buffer overflow vulnerability exists in RunTime.exe could allow an attacker to execute arbitrary code on the remote host. It can be triggered by sending specially crafted packets to port 46824. (CVE-2012-3815)

- There are multiple buffer overflows that can be triggered by sending a specially crafted packet with a negative integer after an opcode to port 46824. This may give attackers the ability to execute arbitrary code. (CVE-2012-4355, CVE-2012-4358)


Upgrade to WinLog 2.07.18 or later.

See Also

Plugin Details

Severity: Critical

ID: 61494

File Name: scada_winlog_2_07_18.nbin

Version: $Revision: 1.21 $

Type: local

Family: SCADA

Published: 2012/08/10

Modified: 2018/01/29

Dependencies: 55630

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:sielcosistemi:winlog_lite

Required KB Items: SCADA/Apps/Sielco_Sistemi/Winlog/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/07/31

Vulnerability Publication Date: 2012/06/26

Exploitable With

Metasploit (Sielco Sistemi Winlog Buffer Overflow 2.07.14 - 2.07.16)

Reference Information

CVE: CVE-2012-4355, CVE-2012-4359, CVE-2012-3815

BID: 53811, 54212

OSVDB: 82654, 82778, 83312

EDB-ID: 19409

ICS-ALERT: 12-179-01

ICSA: 12-213-01