PT-2017-16355 · Sielco Sistemi · Winlog Pro Scada+1

Published

2017-02-13

Updated

2017-03-15

CVE-2017-5161

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Sielco Sistemi Winlog Lite SCADA Software versions prior to 3.02.01 Sielco Sistemi Winlog Pro SCADA Software versions prior to 3.02.01

Description An uncontrolled search path element, also known as DLL Hijacking, has been identified in the software. This issue could allow an attacker to gain access to the system with the same level of privilege as the application that uses the malicious DLL.

Recommendations For Sielco Sistemi Winlog Lite SCADA Software versions prior to 3.02.01, update to version 3.02.01 or later. For Sielco Sistemi Winlog Pro SCADA Software versions prior to 3.02.01, update to version 3.02.01 or later.

Fix

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

CVE-2017-5161

Affected Products

Winlog Lite Scada

Winlog Pro Scada

PT-2017-16355 · Sielco Sistemi · Winlog Pro Scada+1

CVE-2017-5161

Weakness Enumeration

Related Identifiers

Affected Products

References · 4