CVE-2017-5161

An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL.
References
Link Resource
http://www.securityfocus.com/bid/96119 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01 Mitigation Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/96119 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01 Mitigation Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sielcosistemi:winlog_lite:*:*:*:*:*:*:*:*
cpe:2.3:a:sielcosistemi:winlog_pro:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:27

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/96119 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/96119 - Third Party Advisory, VDB Entry
References () https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01 - Mitigation, Third Party Advisory, US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01 - Mitigation, Third Party Advisory, US Government Resource

Information

Published : 2017-02-13 21:59

Updated : 2024-11-21 03:27


NVD link : CVE-2017-5161

Mitre link : CVE-2017-5161

CVE.ORG link : CVE-2017-5161


JSON object : View

Products Affected

sielcosistemi

  • winlog_pro
  • winlog_lite
CWE
CWE-427

Uncontrolled Search Path Element