CVE-2011-0517

Sielco Sistemi Winlog Pro < 2.07.00 - Remote Code Execution via Crafted 0x02 Opcode

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2011-0517. PoCs were published by Metasploit, Luigi Auriemma, and MC, including the Metasploit module exploits/windows/scada/winlog_runtime.

AI-analyzed exploit summary: This Metasploit module exploits a buffer overflow in Sielco Sistemi Winlog <= 2.07.00 by sending a maliciously crafted packet to the Runtime.exe service, allowing arbitrary code execution. The exploit uses SEH overwrites and a custom payload to achieve remote code execution.

Description

Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.

Exploits (3)

exploitdb · WORKING POC · VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/17430

This Metasploit module exploits a buffer overflow in Sielco Sistemi Winlog <= 2.07.00 by sending a maliciously crafted packet to the Runtime.exe service, allowing arbitrary code execution. The exploit uses SEH overwrites and a custom payload to achieve remote code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Sielco Sistemi Winlog <= 2.07.00
No auth needed
Prerequisites: Network access to the target system on port 46823
devstral-2 · analyzed Feb 16, 2026

exploitdb · WORKING POC
by Luigi Auriemma · text · dos · windows
https://www.exploit-db.com/exploits/15992

This exploit targets a stack overflow vulnerability in Sielco Sistemi Winlog SCADA software (versions <= 2.07.00) via opcode 0x02 in the TCP/IP server component. The PoC uses a crafted packet to overflow a 60-byte buffer, leading to potential remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Sielco Sistemi Winlog <= 2.07.00
No auth needed
Prerequisites: TCP/IP server enabled in Winlog configuration · Network access to port 46823
devstral-2 · analyzed Feb 16, 2026

metasploit · WORKING POC · GREAT
by Luigi Auriemma, MC · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/winlog_runtime.rb

This Metasploit module exploits a buffer overflow in Sielco Sistemi Winlog <= 2.07.00 by sending a maliciously crafted packet to the Runtime.exe service, allowing arbitrary code execution. The exploit leverages SEH overwrites and a known return address to achieve RCE.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Sielco Sistemi Winlog <= 2.07.00
No auth needed
Prerequisites: Network access to the target service on port 46823
devstral-2 · analyzed Feb 16, 2026

References (10)

Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8280
Exploit x_refsource_misc
http://aluigi.org/adv/winlog_1-adv.txt
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0126
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42894
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/70418
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/496040
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45813
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/15992
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64716

Scores

EPSS 0.7109
EPSS Percentile 98.7%

Details

CWE: CWE-119
Status: published
Products (1): sielcosistemi/winlog_pro < 2.07.00
Published: Jan 20, 2011
Tracked Since: Feb 18, 2026