Details of VAR-201702-0679

ID

VAR-201702-0679

CVE

CVE-2017-5161

TITLE

Sielco Sistemi Winlog Pro/ Winlog Lite DLL Load Local Code Execution Vulnerability

Trust: 0.8

sources: IVD: 2ecb868a-3b72-437c-a2e8-7597db52bf61 // CNVD: CNVD-2017-01561

DESCRIPTION

An issue was discovered in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the application that utilizes the malicious DLL. SIELCO SISTEMI Winlog is an application for data acquisition and remote control of SCADA HMI monitoring software. A native code execution vulnerability exists in Sielco Sistemi Winlog Pro and Winlog Lite. An attacker exploited the vulnerability to execute arbitrary code or crash an application in an affected application, causing a denial of service

Trust: 2.61

sources: NVD: CVE-2017-5161 // JVNDB: JVNDB-2017-002236 // CNVD: CNVD-2017-01561 // BID: 96119 // IVD: 2ecb868a-3b72-437c-a2e8-7597db52bf61

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 2ecb868a-3b72-437c-a2e8-7597db52bf61 // CNVD: CNVD-2017-01561

AFFECTED PRODUCTS

vendor:	sielcosistemi	model:	winlog pro	scope:	lte	version:	3.01.10	Trust: 1.0
vendor:	sielcosistemi	model:	winlog lite	scope:	lte	version:	3.01.10	Trust: 1.0
vendor:	sielco sistemi	model:	winlog lite	scope:	lt	version:	3.02.01	Trust: 0.8
vendor:	sielco sistemi	model:	winlog pro	scope:	lt	version:	3.02.01	Trust: 0.8
vendor:	sielco	model:	sistemi winlog pro	scope:	eq	version:	2.7.9	Trust: 0.6
vendor:	sielco	model:	sistemi winlog pro	scope:	eq	version:	2.7	Trust: 0.6
vendor:	sielco	model:	sistemi winlog pro	scope:	eq	version:	2.7.1	Trust: 0.6
vendor:	sielco	model:	sistemi winlog lite	scope:	eq	version:	2.07.14	Trust: 0.6
vendor:	sielco	model:	sistemi winlog pro	scope:	eq	version:	2.7.18	Trust: 0.6
vendor:	sielco	model:	sistemi winlog pro	scope:	eq	version:	2.7.16	Trust: 0.6
vendor:	sielco	model:	sistemi winlog lite	scope:	eq	version:	2.7.9	Trust: 0.6
vendor:	sielco	model:	sistemi winlog lite	scope:	eq	version:	2.07.16	Trust: 0.6
vendor:	sielcosistemi	model:	winlog lite	scope:	eq	version:	3.01.10	Trust: 0.6
vendor:	sielcosistemi	model:	winlog pro	scope:	eq	version:	3.01.10	Trust: 0.6
vendor:	sielcosistemi	model:	winlog pro	scope:	eq	version:	2.7.18	Trust: 0.3
vendor:	sielcosistemi	model:	winlog pro	scope:	eq	version:	2.7.16	Trust: 0.3
vendor:	sielcosistemi	model:	winlog pro	scope:	eq	version:	2.7.9	Trust: 0.3
vendor:	sielcosistemi	model:	winlog pro	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	sielcosistemi	model:	winlog pro	scope:	eq	version:	2.7	Trust: 0.3
vendor:	sielcosistemi	model:	winlog lite	scope:	eq	version:	2.7.9	Trust: 0.3
vendor:	sielcosistemi	model:	winlog lite	scope:	eq	version:	2.07.16	Trust: 0.3
vendor:	sielcosistemi	model:	winlog lite	scope:	eq	version:	2.07.14	Trust: 0.3
vendor:	sielcosistemi	model:	winlog pro	scope:	ne	version:	3.2.1	Trust: 0.3
vendor:	sielcosistemi	model:	winlog lite	scope:	ne	version:	3.2.1	Trust: 0.3
vendor:	winlog lite	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	winlog pro	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 2ecb868a-3b72-437c-a2e8-7597db52bf61 // CNVD: CNVD-2017-01561 // BID: 96119 // JVNDB: JVNDB-2017-002236 // NVD: CVE-2017-5161 // CNNVD: CNNVD-201702-383

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2017-5161
value:	HIGH
Trust: 1.8
CNVD:	CNVD-2017-01561
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201702-383
value:	CRITICAL
Trust: 0.6
IVD:	2ecb868a-3b72-437c-a2e8-7597db52bf61
value:	CRITICAL
Trust: 0.2

NVD:
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	TRUE
version:	2.0
Trust: 1.0
NVD:	CVE-2017-5161
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2017-01561
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	2ecb868a-3b72-437c-a2e8-7597db52bf61
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

NVD:
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.6
impactScore:	6.0
version:	3.0
Trust: 1.0
NVD:	CVE-2017-5161
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: 2ecb868a-3b72-437c-a2e8-7597db52bf61 // CNVD: CNVD-2017-01561 // JVNDB: JVNDB-2017-002236 // NVD: CVE-2017-5161 // CNNVD: CNNVD-201702-383

PROBLEMTYPE DATA

problemtype:

CWE-427

Trust: 1.8

sources: JVNDB: JVNDB-2017-002236 // NVD: CVE-2017-5161

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-383

TYPE

Code injection

Trust: 0.8

sources: IVD: 2ecb868a-3b72-437c-a2e8-7597db52bf61 // CNNVD: CNNVD-201702-383

CONFIGURATIONS

sources: NVD: CVE-2017-5161

PATCH

title:	WinLog Pro	url:	https://www.sielcosistemi.com/en/download/public/download.html	Trust: 0.8
title:	Sielco Sistemi Winlog Pro/ Winlog Lite DLL loads patches for native code execution vulnerabilities	url:	https://www.cnvd.org.cn/patchinfo/show/89505	Trust: 0.6
title:	Sielco Sistemi Winlog Pro/ Winlog Lite Fixes for code injection vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67685	Trust: 0.6

sources: CNVD: CNVD-2017-01561 // JVNDB: JVNDB-2017-002236 // CNNVD: CNNVD-201702-383

EXTERNAL IDS

db:	NVD	id:	CVE-2017-5161	Trust: 3.5
db:	ICS CERT	id:	ICSA-17-038-01	Trust: 2.7
db:	BID	id:	96119	Trust: 2.5
db:	CNVD	id:	CNVD-2017-01561	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-383	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-002236	Trust: 0.8
db:	IVD	id:	2ECB868A-3B72-437C-A2E8-7597DB52BF61	Trust: 0.2

sources: IVD: 2ecb868a-3b72-437c-a2e8-7597db52bf61 // CNVD: CNVD-2017-01561 // BID: 96119 // JVNDB: JVNDB-2017-002236 // NVD: CVE-2017-5161 // CNNVD: CNNVD-201702-383

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-038-01	Trust: 2.7
url:	http://www.securityfocus.com/bid/96119	Trust: 2.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5161	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-5161	Trust: 0.8
url:	http://blog.rapid7.com/?p=5325	Trust: 0.3
url:	http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html	Trust: 0.3
url:	http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx	Trust: 0.3
url:	http://www.sielcosistemi.com/en/products/winlog_scada_hmi/	Trust: 0.3

sources: CNVD: CNVD-2017-01561 // BID: 96119 // JVNDB: JVNDB-2017-002236 // NVD: CVE-2017-5161 // CNNVD: CNNVD-201702-383

CREDITS

Karn Ganeshen

Trust: 0.9

sources: BID: 96119 // CNNVD: CNNVD-201702-383

SOURCES

db:	IVD	id:	2ecb868a-3b72-437c-a2e8-7597db52bf61
db:	CNVD	id:	CNVD-2017-01561
db:	BID	id:	96119
db:	JVNDB	id:	JVNDB-2017-002236
db:	NVD	id:	CVE-2017-5161
db:	CNNVD	id:	CNNVD-201702-383

LAST UPDATE DATE

2023-12-18T12:37:36.552000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-01561	date:	2017-02-18T00:00:00
db:	BID	id:	96119	date:	2017-03-07T05:02:00
db:	JVNDB	id:	JVNDB-2017-002236	date:	2017-04-05T00:00:00
db:	NVD	id:	CVE-2017-5161	date:	2017-03-15T17:44:08.717
db:	CNNVD	id:	CNNVD-201702-383	date:	2017-02-13T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	2ecb868a-3b72-437c-a2e8-7597db52bf61	date:	2017-02-18T00:00:00
db:	CNVD	id:	CNVD-2017-01561	date:	2017-02-20T00:00:00
db:	BID	id:	96119	date:	2017-02-07T00:00:00
db:	JVNDB	id:	JVNDB-2017-002236	date:	2017-04-05T00:00:00
db:	NVD	id:	CVE-2017-5161	date:	2017-02-13T21:59:02.830
db:	CNNVD	id:	CNNVD-201702-383	date:	2017-02-13T00:00:00