CVE-2017-5161 Vulnerability Details

  /     /     /  

CVE-2017-5161 Metadata Quick Info

CVE Published: 13/02/2017 | CVE Updated: 05/08/2024 | CVE Year: 2017
Source: icscert | Vendor: n/a | Product: Sielco Sistemi Winlog SCADA Software prior to Version 3.02.01
Status : PUBLISHED

---

CVE-2017-5161 Description

An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Sielco Sistemi Winlog SCADA Software DLL Hijacking
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).