There is a buffer overflow vulnerability with proof-of-concept (PoC) exploit code affecting Sielco Sistemi Winlog Version 2.07.14, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product, according to a report on ICS-CERT.
The vulnerability is exploitable by sending specially crafted requests to TCP/46824, according to researcher Michael Messner, who released the report without coordination with either the vendor or ICS-CERT.
ICS-CERT notified Sielco of the report and has asked them to confirm the vulnerability and identify mitigations. ICS-CERT is issuing this alert to provide early notice of the report and identify baseline mitigations for reducing risks to these and other cyber security attacks.
The report included vulnerability details and PoC exploit code. Winlog is a SCADA/HMI software package for the supervision of industrial and civil plants. It can connect to PLCs, controllers, motor drives, and I/O modules.