What is CVE-2012-3815?

CVE-2012-3815 is a vulnerability in Sielcosistemi Winlog_lite, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-06-27.

Is CVE-2012-3815 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Sielcosistemi Winlog_lite

CVE-2012-3815

Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details ar…

Vulnerability class: Buffer Overflow

EPSS: 0.808 (99.2th percentile) — read the EPSS interpretation.

Affected products

Sielcosistemi Winlog_lite — versions 2.06.00, 2.06.03, 2.06.04
Sielcosistemi Winlog_pro — versions 2.06.00, 2.06.03, 2.06.04
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

82654 (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_MISC)
49395 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (Exploit, x_refsource_MISC)
1027128 (vdb-entry, x_refsource_SECTRACK)
winlog-request-bo(76060) (vdb-entry, x_refsource_XF)
20120605 Sielco Sistemi Winlog Buffer Overflow <= v2.07.14 (mailing-list, Exploit, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_CONFIRM)
53811 (Exploit, vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2012-3815?: CVE-2012-3815 is a vulnerability in Sielcosistemi Winlog_lite, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-06-27.
Is CVE-2012-3815 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.