PT-2017-16355 · Sielco Sistemi · Winlog Pro Scada+1

Publicado

2017-02-13

Atualizado

2017-03-15

CVE-2017-5161

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Sielco Sistemi Winlog Lite SCADA Software versions prior to 3.02.01 Sielco Sistemi Winlog Pro SCADA Software versions prior to 3.02.01

Description An uncontrolled search path element, also known as DLL Hijacking, has been identified in the software. This issue could allow an attacker to gain access to the system with the same level of privilege as the application that uses the malicious DLL.

Recommendations For Sielco Sistemi Winlog Lite SCADA Software versions prior to 3.02.01, update to version 3.02.01 or later. For Sielco Sistemi Winlog Pro SCADA Software versions prior to 3.02.01, update to version 3.02.01 or later.

Correção

Uncontrolled Search Path Element

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-427

Identificadores relacionados

CVE-2017-5161

Produtos afetados

Winlog Lite Scada

Winlog Pro Scada

PT-2017-16355 · Sielco Sistemi · Winlog Pro Scada+1

CVE-2017-5161

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4