CVE-2012-3815

Winlog Lite < 2.07.18 - Remote Code Execution via Crafted TCP Packet

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2012-3815. PoCs published by Metasploit, including Metasploit module exploits/windows/scada/winlog_runtime_2.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow in Sielco Sistemi Winlog <= 2.07.14 by sending a maliciously crafted packet to the Runtime.exe service on port 46824, leading to arbitrary code execution.

Description

Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/19025

This Metasploit module exploits a buffer overflow in Sielco Sistemi Winlog <= 2.07.14 by sending a maliciously crafted packet to the Runtime.exe service on port 46824, leading to arbitrary code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Sielco Sistemi Winlog <= 2.07.14
No auth needed
Prerequisites: Network access to the target system on port 46824 · Target system running Sielco Sistemi Winlog <= 2.07.14
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP
doswindows
https://www.exploit-db.com/exploits/19409

This is a detailed technical analysis of multiple vulnerabilities in Sielco Sistemi Winlog SCADA/HMI software, including code execution, stack overflow, directory traversal, and memory corruption issues. The document provides disassembly snippets, exploitation details, and proof-of-concept commands.

Classification
Writeup 100%
Attack Type
Rce | Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Sielco Sistemi Winlog <= 2.07.16
No auth needed
Prerequisites: Network access to TCP port 46824 · Winlog TCP/IP server enabled
devstral-2 · analyzed Feb 19, 2026 Full analysis →
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/winlog_runtime_2.rb

This Metasploit module exploits a buffer overflow in Sielco Sistemi Winlog (versions 2.07.14-2.07.16) by sending a maliciously crafted packet to the Runtime.exe service on port 46824, leading to arbitrary code execution via a JMP ESP technique and egghunter.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Sielco Sistemi Winlog <= 2.07.16
No auth needed
Prerequisites: Network access to target on port 46824 · Target running vulnerable Winlog version
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/82654
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49395
Exploit x_refsource_misc
http://www.s3cur1ty.de/m1adv2012-001
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1027128
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/76060
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.html
Various Sources x_refsource_confirm
http://www.sielcosistemi.com/en/news/index.html?id=70
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/53811
Various Sources x_refsource_confirm
http://www.sielcosistemi.com/en/news/index.html?id=69

Scores

EPSS 0.4434
EPSS Percentile 98.6%

Details

CWE
CWE-119
Status published
Products (50)
sielcosistemi/winlog_lite 2.06.00
sielcosistemi/winlog_lite 2.06.03
sielcosistemi/winlog_lite 2.06.04
sielcosistemi/winlog_lite 2.06.06
sielcosistemi/winlog_lite 2.06.09
sielcosistemi/winlog_lite 2.06.10
sielcosistemi/winlog_lite 2.06.12
sielcosistemi/winlog_lite 2.06.13
sielcosistemi/winlog_lite 2.06.14
sielcosistemi/winlog_lite 2.06.18
... and 40 more
Published Jun 27, 2012
Tracked Since Feb 18, 2026