var-201702-0679
Vulnerability from variot
An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL. SIELCO SISTEMI Winlog is an application for data acquisition and remote control of SCADA HMI monitoring software. A native code execution vulnerability exists in Sielco Sistemi Winlog Pro and Winlog Lite. An attacker exploited the vulnerability to execute arbitrary code or crash an application in an affected application, causing a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0679",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "winlog lite",
"scope": "lte",
"trust": 1.0,
"vendor": "sielcosistemi",
"version": "3.01.10"
},
{
"model": "winlog pro",
"scope": "lte",
"trust": 1.0,
"vendor": "sielcosistemi",
"version": "3.01.10"
},
{
"model": "winlog lite",
"scope": "lt",
"trust": 0.8,
"vendor": "sielco sistemi",
"version": "3.02.01"
},
{
"model": "winlog pro",
"scope": "lt",
"trust": 0.8,
"vendor": "sielco sistemi",
"version": "3.02.01"
},
{
"model": "sistemi winlog pro",
"scope": "eq",
"trust": 0.6,
"vendor": "sielco",
"version": "2.7.9"
},
{
"model": "sistemi winlog pro",
"scope": "eq",
"trust": 0.6,
"vendor": "sielco",
"version": "2.7"
},
{
"model": "sistemi winlog pro",
"scope": "eq",
"trust": 0.6,
"vendor": "sielco",
"version": "2.7.1"
},
{
"model": "sistemi winlog lite",
"scope": "eq",
"trust": 0.6,
"vendor": "sielco",
"version": "2.07.14"
},
{
"model": "sistemi winlog pro",
"scope": "eq",
"trust": 0.6,
"vendor": "sielco",
"version": "2.7.18"
},
{
"model": "sistemi winlog pro",
"scope": "eq",
"trust": 0.6,
"vendor": "sielco",
"version": "2.7.16"
},
{
"model": "sistemi winlog lite",
"scope": "eq",
"trust": 0.6,
"vendor": "sielco",
"version": "2.7.9"
},
{
"model": "sistemi winlog lite",
"scope": "eq",
"trust": 0.6,
"vendor": "sielco",
"version": "2.07.16"
},
{
"model": "winlog lite",
"scope": "eq",
"trust": 0.6,
"vendor": "sielcosistemi",
"version": "3.01.10"
},
{
"model": "winlog pro",
"scope": "eq",
"trust": 0.6,
"vendor": "sielcosistemi",
"version": "3.01.10"
},
{
"model": "winlog pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "2.7.18"
},
{
"model": "winlog pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "2.7.16"
},
{
"model": "winlog pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "2.7.9"
},
{
"model": "winlog pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "2.7.1"
},
{
"model": "winlog pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "2.7"
},
{
"model": "winlog lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "2.7.9"
},
{
"model": "winlog lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "2.07.16"
},
{
"model": "winlog lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "2.07.14"
},
{
"model": "winlog pro",
"scope": "ne",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "3.2.1"
},
{
"model": "winlog lite",
"scope": "ne",
"trust": 0.3,
"vendor": "sielcosistemi",
"version": "3.2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "winlog lite",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "winlog pro",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
},
{
"db": "CNVD",
"id": "CNVD-2017-01561"
},
{
"db": "BID",
"id": "96119"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-383"
},
{
"db": "NVD",
"id": "CVE-2017-5161"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:sielcosistemi:winlog_lite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sielcosistemi:winlog_pro",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002236"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Karn Ganeshen",
"sources": [
{
"db": "BID",
"id": "96119"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-383"
}
],
"trust": 0.9
},
"cve": "CVE-2017-5161",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-5161",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2017-01561",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.6,
"id": "CVE-2017-5161",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5161",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-5161",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-01561",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-383",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
},
{
"db": "CNVD",
"id": "CNVD-2017-01561"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-383"
},
{
"db": "NVD",
"id": "CVE-2017-5161"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL. SIELCO SISTEMI Winlog is an application for data acquisition and remote control of SCADA HMI monitoring software. A native code execution vulnerability exists in Sielco Sistemi Winlog Pro and Winlog Lite. An attacker exploited the vulnerability to execute arbitrary code or crash an application in an affected application, causing a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"db": "CNVD",
"id": "CNVD-2017-01561"
},
{
"db": "BID",
"id": "96119"
},
{
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5161",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-17-038-01",
"trust": 2.7
},
{
"db": "BID",
"id": "96119",
"trust": 2.5
},
{
"db": "CNVD",
"id": "CNVD-2017-01561",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201702-383",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002236",
"trust": 0.8
},
{
"db": "IVD",
"id": "2ECB868A-3B72-437C-A2E8-7597DB52BF61",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
},
{
"db": "CNVD",
"id": "CNVD-2017-01561"
},
{
"db": "BID",
"id": "96119"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-383"
},
{
"db": "NVD",
"id": "CVE-2017-5161"
}
]
},
"id": "VAR-201702-0679",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
},
{
"db": "CNVD",
"id": "CNVD-2017-01561"
}
],
"trust": 1.5875
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
},
{
"db": "CNVD",
"id": "CNVD-2017-01561"
}
]
},
"last_update_date": "2024-11-23T22:13:10.422000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WinLog Pro",
"trust": 0.8,
"url": "https://www.sielcosistemi.com/en/download/public/download.html"
},
{
"title": "Sielco Sistemi Winlog Pro/ Winlog Lite DLL loads patches for native code execution vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/89505"
},
{
"title": "Sielco Sistemi Winlog Pro/ Winlog Lite Fixes for code injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67685"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01561"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-383"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-427",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"db": "NVD",
"id": "CVE-2017-5161"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-038-01"
},
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/96119"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5161"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5161"
},
{
"trust": 0.3,
"url": "http://blog.rapid7.com/?p=5325"
},
{
"trust": 0.3,
"url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
},
{
"trust": 0.3,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
},
{
"trust": 0.3,
"url": "http://www.sielcosistemi.com/en/products/winlog_scada_hmi/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01561"
},
{
"db": "BID",
"id": "96119"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-383"
},
{
"db": "NVD",
"id": "CVE-2017-5161"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
},
{
"db": "CNVD",
"id": "CNVD-2017-01561"
},
{
"db": "BID",
"id": "96119"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-383"
},
{
"db": "NVD",
"id": "CVE-2017-5161"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-18T00:00:00",
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
},
{
"date": "2017-02-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01561"
},
{
"date": "2017-02-07T00:00:00",
"db": "BID",
"id": "96119"
},
{
"date": "2017-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"date": "2017-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-383"
},
{
"date": "2017-02-13T21:59:02.830000",
"db": "NVD",
"id": "CVE-2017-5161"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01561"
},
{
"date": "2017-03-07T05:02:00",
"db": "BID",
"id": "96119"
},
{
"date": "2017-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002236"
},
{
"date": "2017-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-383"
},
{
"date": "2024-11-21T03:27:10.700000",
"db": "NVD",
"id": "CVE-2017-5161"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-383"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sielco Sistemi Winlog Pro/ Winlog Lite DLL Load Local Code Execution Vulnerability",
"sources": [
{
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
},
{
"db": "CNVD",
"id": "CNVD-2017-01561"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection",
"sources": [
{
"db": "IVD",
"id": "2ecb868a-3b72-437c-a2e8-7597db52bf61"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-383"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…