Sielco Sistemi Overwrite Vulnerability

Thursday, October 4, 2012 @ 05:10 PM gHale


There is a Structured Exception Handler (SEH) overwrite vulnerability with proof-of-concept (PoC) exploit code affecting Sielco Sistemi WinLog Lite SCADA HMI, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product.

The vulnerability is exploitable by overwriting the SEH to allow insertion and execution of shellcode, according to a report on ICS-CERT.


Independent security researcher “FaryadR” (aka Ciph3r) released the report on the Web site packetstormsecurity.org without coordination with either the vendor or ICS-CERT.

The vendor is aware of the report and is researching the vulnerability and identifying mitigations. ICS-CERT issued its alert to provide early notice of the report and identify baseline mitigations for reducing risks to these and other cyber security attacks.

The report included vulnerability details and PoC exploit code for Sielco Sistemi WinLog Lite SCADA HMI, ver. 2.06.17.

If an attacker exploited this vulnerability, it could lead to code execution.

Italy-based Sielco Sistemi has sales and support offices worldwide providing multiple SCADA/HMI solutions.


