Vulnerabilities related to wellintech - kingscada
var-201401-0054
Vulnerability from variot
WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingSCADA KingAlarm&Event. Authentication is not required to exploit this vulnerability. The specific flaw exists within KAEManageServer.exe, which listens by default on TCP port 8130. Authentication to this service is performed locally through the KAEClientManager console, but no authentication is performed against remote connections. A remote attacker with knowledge of the protocol can use this to disclose certain credentials and log in to the Oracle database as a legitimate user. KingSCADA is versatile industrial monitoring software that integrates process control design, field operations and plant resource management. KingGraphic can access data from multiple industrial real-time databases, relational databases, etc. Multiple WellinTech products are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. (This description combines text from the several source databases listed in the record, which is why its impact statements differ; the record's CVSS v2 base scores range from 6.4 (NVD, CNVD, IVD) to 7.5 (ZDI).)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201401-0054", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "kingscada", "scope": "eq", "trust": 1.2, "vendor": "wellintech", "version": "3.1" }, { "model": "kinggraphic", "scope": "eq", "trust": 1.2, "vendor": "wellintech", "version": "3.1" }, { "model": "kingscada", "scope": "lte", "trust": 1.0, "vendor": 
"wellintech", "version": "3.1" }, { "model": "kingalarm\\\u0026event", "scope": "lte", "trust": 1.0, "vendor": "wellintech", "version": "2.0.2" }, { "model": "kinggraphic", "scope": "lte", "trust": 1.0, "vendor": "wellintech", "version": "3.1" }, { "model": "kingalarm\u0026event", "scope": "lt", "trust": 0.8, "vendor": "wellintech", "version": "3.1" }, { "model": "kinggraphic", "scope": "lt", "trust": 0.8, "vendor": "wellintech", "version": "3.1.2" }, { "model": "kingscada", "scope": "lt", "trust": 0.8, "vendor": "wellintech", "version": "3.1.2" }, { "model": "kingalarm \u0026 event", "scope": null, "trust": 0.7, "vendor": "wellintech", "version": null }, { "model": "kingalarm\u0026event", "scope": "eq", "trust": 0.6, "vendor": "wellintech", "version": "2.0.2" }, { "model": "kingalarm\\\u0026event", "scope": "eq", "trust": 0.6, "vendor": "wellintech", "version": "2.0.2" }, { "model": "kingscada", "scope": "eq", "trust": 0.3, "vendor": "wellintech", "version": "3.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "kingalarm event", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "kinggraphic", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "kingscada", "version": "*" } ], "sources": [ { "db": "IVD", "id": "4c53be94-2352-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-012" }, { "db": "CNVD", "id": "CNVD-2014-00423" }, { "db": "BID", "id": "64938" }, { "db": "JVNDB", "id": "JVNDB-2014-001175" }, { "db": "CNNVD", "id": "CNNVD-201401-297" }, { "db": "NVD", "id": "CVE-2013-2826" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:wellintech:kingalarm%26event", "vulnerable": true }, { "cpe22Uri": 
"cpe:/a:wellintech:kinggraphic", "vulnerable": true }, { "cpe22Uri": "cpe:/a:wellintech:kingscada", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001175" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Andrea Micalizzi aka rgod", "sources": [ { "db": "ZDI", "id": "ZDI-14-012" } ], "trust": 0.7 }, "cve": "CVE-2013-2826", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2013-2826", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2013-2826", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": 
null, "severity": "HIGH", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2014-00423", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "4c53be94-2352-11e6-abef-000c29c66e3d", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.9 [IVD]" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-2826", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2013-2826", "trust": 0.8, "value": "Medium" }, { "author": "ZDI", "id": "CVE-2013-2826", "trust": 0.7, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2014-00423", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201401-297", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "4c53be94-2352-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "4c53be94-2352-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-012" }, { "db": "CNVD", "id": "CNVD-2014-00423" }, { "db": "JVNDB", "id": "JVNDB-2014-001175" }, { "db": "CNNVD", "id": "CNNVD-201401-297" }, { "db": "NVD", "id": "CVE-2013-2826" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WellinTech KingSCADA 
before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingSCADA KingAlarm\u0026Event. Authentication is not required to exploit this vulnerability. The specific flaw exists within KAEManageServer.exe, which listens by default on TCP port 8130. Authentication to this service is performed locally through the KAEClientManager console but no authentication is performed against remote connections. A remote attacker with knowledge of the protocol can use this to disclose certain credentials and login to the Oracle database as a legitimate user. KingSCADA is a versatile industrial monitoring software that integrates process control design, field operations and plant resource management. KingGraphic can access data from multiple industrial real-time databases and relational databases. Wait. Multiple WellinTech products are prone to an information-disclosure vulnerability. 
\nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks", "sources": [ { "db": "NVD", "id": "CVE-2013-2826" }, { "db": "JVNDB", "id": "JVNDB-2014-001175" }, { "db": "ZDI", "id": "ZDI-14-012" }, { "db": "CNVD", "id": "CNVD-2014-00423" }, { "db": "BID", "id": "64938" }, { "db": "IVD", "id": "4c53be94-2352-11e6-abef-000c29c66e3d" } ], "trust": 3.24 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-2826", "trust": 4.2 }, { "db": "ICS CERT", "id": "ICSA-13-344-01", "trust": 3.0 }, { "db": "BID", "id": "64938", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2014-00423", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201401-297", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2014-001175", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-1553", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-14-012", "trust": 0.7 }, { "db": "SECUNIA", "id": "56443", "trust": 0.6 }, { "db": "IVD", "id": "4C53BE94-2352-11E6-ABEF-000C29C66E3D", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "4c53be94-2352-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-012" }, { "db": "CNVD", "id": "CNVD-2014-00423" }, { "db": "BID", "id": "64938" }, { "db": "JVNDB", "id": "JVNDB-2014-001175" }, { "db": "CNNVD", "id": "CNNVD-201401-297" }, { "db": "NVD", "id": "CVE-2013-2826" } ] }, "id": "VAR-201401-0054", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "4c53be94-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-00423" } ], "trust": 1.4583333333333335 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { 
"@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "4c53be94-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-00423" } ] }, "last_update_date": "2024-08-14T14:27:56.069000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.wellintech.com/" }, { "title": "Top Page", "trust": 0.8, "url": "http://www.wellintech.co.jp/" }, { "title": "WellinTech has issued an update to correct this vulnerability.", "trust": 0.7, "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" }, { "title": "Patch of multiple WellinTech products ActiveX Remote Information Disclosure Vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/42548" } ], "sources": [ { "db": "ZDI", "id": "ZDI-14-012" }, { "db": "CNVD", "id": "CNVD-2014-00423" }, { "db": "JVNDB", "id": "JVNDB-2014-001175" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001175" }, { "db": "NVD", "id": "CVE-2013-2826" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.7, "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-344-01" }, { "trust": 0.8, "url": 
"http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2826" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2826" }, { "trust": 0.6, "url": "http://secunia.com/advisories/56443/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-14-012" }, { "db": "CNVD", "id": "CNVD-2014-00423" }, { "db": "JVNDB", "id": "JVNDB-2014-001175" }, { "db": "CNNVD", "id": "CNNVD-201401-297" }, { "db": "NVD", "id": "CVE-2013-2826" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "4c53be94-2352-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-012" }, { "db": "CNVD", "id": "CNVD-2014-00423" }, { "db": "BID", "id": "64938" }, { "db": "JVNDB", "id": "JVNDB-2014-001175" }, { "db": "CNNVD", "id": "CNNVD-201401-297" }, { "db": "NVD", "id": "CVE-2013-2826" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-01-17T00:00:00", "db": "IVD", "id": "4c53be94-2352-11e6-abef-000c29c66e3d" }, { "date": "2014-02-05T00:00:00", "db": "ZDI", "id": "ZDI-14-012" }, { "date": "2014-01-17T00:00:00", "db": "CNVD", "id": "CNVD-2014-00423" }, { "date": "2014-01-14T00:00:00", "db": "BID", "id": "64938" }, { "date": "2014-01-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001175" }, { "date": "2014-01-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201401-297" }, { "date": "2014-01-15T16:08:18.140000", "db": "NVD", "id": "CVE-2013-2826" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-02-05T00:00:00", "db": "ZDI", "id": "ZDI-14-012" }, { "date": "2014-01-17T00:00:00", "db": "CNVD", "id": "CNVD-2014-00423" }, { "date": "2014-02-05T17:45:00", "db": "BID", "id": "64938" }, { "date": "2014-01-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001175" 
}, { "date": "2014-01-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201401-297" }, { "date": "2014-01-16T17:18:57.317000", "db": "NVD", "id": "CVE-2013-2826" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201401-297" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural WellinTech Vulnerabilities that can bypass access restrictions in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001175" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control", "sources": [ { "db": "CNNVD", "id": "CNNVD-201401-297" } ], "trust": 0.6 } }
var-201812-0720
Vulnerability from variot
WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401. WellinTech KingSCADA contains a buffer error vulnerability that may cause an interruption of service operation (DoS). WellinTech KingSCADA is cross-platform SCADA system software from China's WellinTech. The software features model application, remote centralized management and deployment, simultaneous multi-person development, and data acquisition and processing.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0720", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "kingscada", "scope": "lt", "trust": 2.4, "vendor": "wellintech", "version": "3.7.0.0.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "kingscada", "version": "*" } ], "sources": [ { "db": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1" }, { 
"db": "CNVD", "id": "CNVD-2019-04902" }, { "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "db": "NVD", "id": "CVE-2018-20410" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:wellintech:kingscada", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014112" } ] }, "cve": "CVE-2018-20410", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2018-20410", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2019-04902", "impactScore": 2.9, "integrityImpact": "NONE", "severity": 
"MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "7d860592-463f-11e9-8c21-000c29342cb1", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.9 [IVD]" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2018-20410", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2018-20410", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2018-20410", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-04902", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201812-1067", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1", "trust": 0.2, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2019-04902" }, { "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "db": "CNNVD", "id": "CNNVD-201812-1067" }, { "db": "NVD", "id": "CVE-2018-20410" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. 
The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401. WellinTech KingSCADA Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. WellinTech KingSCADA is a cross-platform SCADA system software from China\u0027s WellinTech. The software has model application, remote centralized management deployment, multi-person simultaneous development, data acquisition and processing", "sources": [ { "db": "NVD", "id": "CVE-2018-20410" }, { "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "db": "CNVD", "id": "CNVD-2019-04902" }, { "db": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-20410", "trust": 3.2 }, { "db": "CNVD", "id": "CNVD-2019-04902", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201812-1067", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-014112", "trust": 0.8 }, { "db": "IVD", "id": "7D860592-463F-11E9-8C21-000C29342CB1", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2019-04902" }, { "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "db": "CNNVD", "id": "CNNVD-201812-1067" }, { "db": "NVD", "id": "CVE-2018-20410" } ] }, "id": "VAR-201812-0720", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2019-04902" } ], "trust": 1.4 }, "iot_taxonomy": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2019-04902" } ] }, "last_update_date": "2024-11-23T23:11:56.966000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "KINGSCADA", "trust": 0.8, "url": "http://www.wellintech.com/product-kingscada.html" }, { "title": "WellinTech KingSCADA Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88153" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "db": "CNNVD", "id": "CNNVD-201812-1067" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.0 }, { "problemtype": "CWE-119", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "db": "NVD", "id": "CVE-2018-20410" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/debugging.md" }, { "trust": 1.6, "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20410" }, { "trust": 0.8, "url": 
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20410" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-04902" }, { "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "db": "CNNVD", "id": "CNNVD-201812-1067" }, { "db": "NVD", "id": "CVE-2018-20410" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2019-04902" }, { "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "db": "CNNVD", "id": "CNNVD-201812-1067" }, { "db": "NVD", "id": "CVE-2018-20410" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-02-21T00:00:00", "db": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1" }, { "date": "2019-02-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-04902" }, { "date": "2019-03-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "date": "2018-12-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201812-1067" }, { "date": "2018-12-24T02:29:00.233000", "db": "NVD", "id": "CVE-2018-20410" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-02-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-04902" }, { "date": "2019-03-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "date": "2020-08-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201812-1067" }, { "date": "2024-11-21T04:01:26.123000", "db": "NVD", "id": "CVE-2018-20410" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201812-1067" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WellinTech KingSCADA Buffer error vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014112" }, { "db": "CNNVD", "id": "CNNVD-201812-1067" } ], "trust": 1.4 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer error", "sources": [ { "db": "IVD", "id": "7d860592-463f-11e9-8c21-000c29342cb1" }, { "db": "CNNVD", "id": "CNNVD-201812-1067" } ], "trust": 0.8 } }
var-201205-0115
Vulnerability from variot
WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file. KingSCADA is a SCADA product for the high and mid-end markets. KingSCADA stores the password in the user64 file in Base64 format; Base64 is a reversible encoding rather than encryption or hashing, so a user who can read the file can easily decode the password and access the SCADA server. KingSCADA is prone to a remote information-disclosure vulnerability. Remote attackers can exploit this issue to obtain the password of the affected device. KingSCADA 3.0 is vulnerable; other versions may also be affected.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201205-0115", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "kingview", "scope": "eq", "trust": 2.4, "vendor": "wellintech", "version": "3.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "kingview", "version": "3.0" }, { "model": "das usa kingscada", "scope": "eq", "trust": 0.6, "vendor": "icp", 
"version": "3.0" }, { "model": null, "scope": null, "trust": 0.6, "vendor": "no", "version": null }, { "model": "kingscada", "scope": "eq", "trust": 0.3, "vendor": "wellintech", "version": "3.0" } ], "sources": [ { "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-0343" }, { "db": "CNVD", "id": "CNVD-2012-8819" }, { "db": "BID", "id": "51582" }, { "db": "JVNDB", "id": "JVNDB-2012-002373" }, { "db": "CNNVD", "id": "CNNVD-201205-178" }, { "db": "NVD", "id": "CVE-2012-1977" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:wellintech:kingview", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002373" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Alexandr Polyakov and Alexey Sintsov", "sources": [ { "db": "BID", "id": "51582" }, { "db": "CNNVD", "id": "CNNVD-201201-376" } ], "trust": 0.9 }, "cve": "CVE-2012-1977", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CVE-2012-1977", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CNVD-2012-8819", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "7d7a93e1-463f-11e9-a373-000c29342cb1", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 
8.6, "id": "08e4171e-1f77-11e6-abef-000c29c66e3d", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.9 [IVD]" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2012-1977", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2012-1977", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2012-8819", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201205-178", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1", "trust": 0.2, "value": "HIGH" }, { "author": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "HIGH" }, { "author": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-8819" }, { "db": "JVNDB", "id": "JVNDB-2012-002373" }, { "db": "CNNVD", "id": "CNNVD-201205-178" }, { "db": "NVD", "id": "CVE-2012-1977" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file. KingSCADA is a SCADA product for the high and mid-end markets. KingSCADA stores the password in the user64 file in Base64 format, and the user can easily decode and access the SCADA server. KingSCADA is prone to a remote information-disclosure vulnerability. \nRemote attackers can exploit this issue to obtain the password of the affected device. 
\nKingSCADA 3.0 is vulnerable; other versions may also be affected", "sources": [ { "db": "NVD", "id": "CVE-2012-1977" }, { "db": "JVNDB", "id": "JVNDB-2012-002373" }, { "db": "CNVD", "id": "CNVD-2012-0343" }, { "db": "CNVD", "id": "CNVD-2012-8819" }, { "db": "BID", "id": "51582" }, { "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d" } ], "trust": 3.51 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-1977", "trust": 3.9 }, { "db": "ICS CERT", "id": "ICSA-12-129-01", "trust": 2.7 }, { "db": "BID", "id": "51582", "trust": 1.5 }, { "db": "CNNVD", "id": "CNNVD-201205-178", "trust": 1.2 }, { "db": "ICS CERT ALERT", "id": "ICS-ALERT-12-020-06", "trust": 1.1 }, { "db": "CNVD", "id": "CNVD-2012-8819", "trust": 1.0 }, { "db": "CNVD", "id": "CNVD-2012-0343", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2012-002373", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201201-376", "trust": 0.6 }, { "db": "IVD", "id": "7D7A93E1-463F-11E9-A373-000C29342CB1", "trust": 0.2 }, { "db": "IVD", "id": "DBCBB6DE-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "08E4171E-1F77-11E6-ABEF-000C29C66E3D", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-0343" }, { "db": "CNVD", "id": "CNVD-2012-8819" }, { "db": "BID", "id": "51582" }, { "db": "JVNDB", "id": "JVNDB-2012-002373" }, { "db": "CNNVD", "id": "CNNVD-201201-376" }, { "db": "CNNVD", "id": "CNNVD-201205-178" }, { "db": "NVD", "id": "CVE-2012-1977" } ] }, "id": 
"VAR-201205-0115", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-0343" }, { "db": "CNVD", "id": "CNVD-2012-8819" } ], "trust": 2.5249368666666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.8 } ], "sources": [ { "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-0343" }, { "db": "CNVD", "id": "CNVD-2012-8819" } ] }, "last_update_date": "2024-11-23T22:23:24.381000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://en.wellintech.com/index.aspx" }, { "title": "Top Page", "trust": 0.8, "url": "http://www.wellintech.co.jp" }, { "title": "WellinTech KingSCADA Trust Management Vulnerability Patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/36034" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-8819" }, { "db": "JVNDB", "id": "JVNDB-2012-002373" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-255", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002373" }, { "db": "NVD", "id": "CVE-2012-1977" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-129-01.pdf" }, { "trust": 2.2, "url": "http://dsecrg.com/pages/vul/show.php?id=405" }, { "trust": 1.1, "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-12-020-06.pdf" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1977" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1977" }, { "trust": 0.6, "url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/51582" }, { "trust": 0.3, "url": "http://en.wellintech.com/products/detail.aspx?contentid=14" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-0343" }, { "db": "CNVD", "id": "CNVD-2012-8819" }, { "db": "BID", "id": "51582" }, { "db": "JVNDB", "id": "JVNDB-2012-002373" }, { "db": "CNNVD", "id": "CNNVD-201201-376" }, { "db": "CNNVD", "id": "CNNVD-201205-178" }, { "db": "NVD", "id": "CVE-2012-1977" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-0343" }, { "db": "CNVD", "id": "CNVD-2012-8819" }, { "db": "BID", "id": "51582" }, { "db": "JVNDB", "id": "JVNDB-2012-002373" }, { "db": "CNNVD", "id": "CNNVD-201201-376" }, { "db": "CNNVD", "id": "CNNVD-201205-178" }, 
{ "db": "NVD", "id": "CVE-2012-1977" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-05-10T00:00:00", "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "date": "2012-05-10T00:00:00", "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "date": "2012-02-01T00:00:00", "db": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d" }, { "date": "2012-02-01T00:00:00", "db": "CNVD", "id": "CNVD-2012-0343" }, { "date": "2012-05-10T00:00:00", "db": "CNVD", "id": "CNVD-2012-8819" }, { "date": "2012-01-20T00:00:00", "db": "BID", "id": "51582" }, { "date": "2012-05-10T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002373" }, { "date": "1900-01-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201201-376" }, { "date": "2012-05-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201205-178" }, { "date": "2012-05-09T10:33:15.020000", "db": "NVD", "id": "CVE-2012-1977" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-02-01T00:00:00", "db": "CNVD", "id": "CNVD-2012-0343" }, { "date": "2012-05-10T00:00:00", "db": "CNVD", "id": "CNVD-2012-8819" }, { "date": "2012-05-08T22:10:00", "db": "BID", "id": "51582" }, { "date": "2012-09-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002373" }, { "date": "2012-02-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201201-376" }, { "date": "2012-05-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201205-178" }, { "date": "2024-11-21T01:38:13.353000", "db": "NVD", "id": "CVE-2012-1977" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201201-376" }, { "db": "CNNVD", "id": "CNNVD-201205-178" } ], "trust": 1.2 }, 
"title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WellinTech KingSCADA Trust Management Vulnerability", "sources": [ { "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-8819" }, { "db": "CNNVD", "id": "CNNVD-201205-178" } ], "trust": 1.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Trust management", "sources": [ { "db": "IVD", "id": "7d7a93e1-463f-11e9-a373-000c29342cb1" }, { "db": "IVD", "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4171e-1f77-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201205-178" } ], "trust": 1.2 } }
var-201401-0055
Vulnerability from variot
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value. User interaction is required to exploit this vulnerability, in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the kxClientDownload.ocx ActiveX control. An attacker can leverage this vulnerability to execute code under the context of the administrator. KingSCADA is a versatile industrial monitoring software that integrates process control design, field operations and plant resource management. KingGraphic can access data from multiple industrial real-time databases and relational databases. Multiple WellinTech products are prone to a remote code-execution vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will likely result in denial-of-service conditions.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201401-0055", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "kingscada", "scope": "eq", "trust": 1.2, "vendor": "wellintech", "version": "3.1" }, { "model": "kinggraphic", "scope": "eq", "trust": 1.2, "vendor": "wellintech", "version": "3.1" }, { "model": "kingscada", "scope": "lte", "trust": 1.0, "vendor": 
"wellintech", "version": "3.1" }, { "model": "kingalarm\\\u0026event", "scope": "lte", "trust": 1.0, "vendor": "wellintech", "version": "2.0.2" }, { "model": "kinggraphic", "scope": "lte", "trust": 1.0, "vendor": "wellintech", "version": "3.1" }, { "model": "kingalarm\u0026event", "scope": "lt", "trust": 0.8, "vendor": "wellintech", "version": "3.1" }, { "model": "kinggraphic", "scope": "lt", "trust": 0.8, "vendor": "wellintech", "version": "3.1.2" }, { "model": "kingscada", "scope": "lt", "trust": 0.8, "vendor": "wellintech", "version": "3.1.2" }, { "model": "kingscada kinggraphic", "scope": null, "trust": 0.7, "vendor": "wellintech", "version": null }, { "model": "kingalarm\u0026event", "scope": "eq", "trust": 0.6, "vendor": "wellintech", "version": "2.0.2" }, { "model": "kingalarm\\\u0026event", "scope": "eq", "trust": 0.6, "vendor": "wellintech", "version": "2.0.2" }, { "model": "kingscada", "scope": "eq", "trust": 0.3, "vendor": "wellintech", "version": "3.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "kingalarm event", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "kinggraphic", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "kingscada", "version": "*" } ], "sources": [ { "db": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-011" }, { "db": "CNVD", "id": "CNVD-2014-00422" }, { "db": "BID", "id": "64941" }, { "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "db": "CNNVD", "id": "CNNVD-201401-298" }, { "db": "NVD", "id": "CVE-2013-2827" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:wellintech:kingalarm%26event", "vulnerable": true }, { "cpe22Uri": 
"cpe:/a:wellintech:kinggraphic", "vulnerable": true }, { "cpe22Uri": "cpe:/a:wellintech:kingscada", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001176" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Andrea Micalizzi aka rgod", "sources": [ { "db": "ZDI", "id": "ZDI-14-011" } ], "trust": 0.7 }, "cve": "CVE-2013-2827", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2013-2827", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 2.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2014-00422", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { 
"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "4c4faa70-2352-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-2827", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2013-2827", "trust": 0.8, "value": "High" }, { "author": "ZDI", "id": "CVE-2013-2827", "trust": 0.7, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2014-00422", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201401-298", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-011" }, { "db": "CNVD", "id": "CNVD-2014-00422" }, { "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "db": "CNNVD", "id": "CNNVD-201401-298" }, { "db": "NVD", "id": "CVE-2013-2827" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the kxClientDownload.ocx ActiveX control. 
An attacker can leverage this vulnerability to execute code under the context of the administrator. KingSCADA is a versatile industrial monitoring software that integrates process control design, field operations and plant resource management. KingGraphic can access data from multiple industrial real-time databases and relational databases. Multiple WellinTech products are prone to a remote code-execution vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will likely result in denial-of-service conditions", "sources": [ { "db": "NVD", "id": "CVE-2013-2827" }, { "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "db": "ZDI", "id": "ZDI-14-011" }, { "db": "CNVD", "id": "CNVD-2014-00422" }, { "db": "BID", "id": "64941" }, { "db": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d" } ], "trust": 3.24 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-2827", "trust": 4.2 }, { "db": "ICS CERT", "id": "ICSA-13-344-01", "trust": 3.0 }, { "db": "BID", "id": "64941", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2014-00422", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201401-298", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2014-001176", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-1552", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-14-011", "trust": 0.7 }, { "db": "SECUNIA", "id": "56443", "trust": 0.6 }, { "db": "IVD", "id": "4C4FAA70-2352-11E6-ABEF-000C29C66E3D", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-011" }, { "db": "CNVD", "id": "CNVD-2014-00422" }, { "db": "BID", "id": "64941" }, { "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "db": "CNNVD", "id": "CNNVD-201401-298" }, { "db": "NVD", "id": 
"CVE-2013-2827" } ] }, "id": "VAR-201401-0055", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-00422" } ], "trust": 1.4583333333333335 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-00422" } ] }, "last_update_date": "2024-08-14T14:27:56.110000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.wellintech.com/" }, { "title": "Top Page", "trust": 0.8, "url": "http://www.wellintech.co.jp/" }, { "title": "WellinTech has issued an update to correct this vulnerability.", "trust": 0.7, "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" }, { "title": "Patch of multiple WellinTech product ActiveX remote code execution vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/42551" }, { "title": "KingGraphic3.1.2_EN", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47598" }, { "title": "KingAlarm\u0026Event3.1_EN", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47597" }, { "title": "KingSCADA3.1.2_EN", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47596" } ], "sources": [ { "db": "ZDI", "id": "ZDI-14-011" }, { "db": "CNVD", "id": 
"CNVD-2014-00422" }, { "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "db": "CNNVD", "id": "CNNVD-201401-298" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-94", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "db": "NVD", "id": "CVE-2013-2827" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.7, "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-344-01" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2827" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2827" }, { "trust": 0.6, "url": "http://secunia.com/advisories/56443/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-14-011" }, { "db": "CNVD", "id": "CNVD-2014-00422" }, { "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "db": "CNNVD", "id": "CNNVD-201401-298" }, { "db": "NVD", "id": "CVE-2013-2827" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-011" }, { "db": "CNVD", "id": "CNVD-2014-00422" }, { "db": "BID", "id": "64941" }, { "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "db": "CNNVD", "id": "CNNVD-201401-298" }, { "db": "NVD", "id": "CVE-2013-2827" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-01-17T00:00:00", "db": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d" }, { "date": "2014-02-05T00:00:00", "db": "ZDI", "id": 
"ZDI-14-011" }, { "date": "2014-01-17T00:00:00", "db": "CNVD", "id": "CNVD-2014-00422" }, { "date": "2014-01-14T00:00:00", "db": "BID", "id": "64941" }, { "date": "2014-01-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "date": "2014-01-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201401-298" }, { "date": "2014-01-15T16:08:18.173000", "db": "NVD", "id": "CVE-2013-2827" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-02-05T00:00:00", "db": "ZDI", "id": "ZDI-14-011" }, { "date": "2014-01-17T00:00:00", "db": "CNVD", "id": "CNVD-2014-00422" }, { "date": "2014-08-01T01:11:00", "db": "BID", "id": "64941" }, { "date": "2014-01-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001176" }, { "date": "2014-01-24T00:00:00", "db": "CNNVD", "id": "CNNVD-201401-298" }, { "date": "2014-01-16T17:21:02.680000", "db": "NVD", "id": "CVE-2013-2827" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201401-298" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural WellinTech Product ActiveX Any in control DLL Code download vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001176" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Code injection", "sources": [ { "db": "IVD", "id": "4c4faa70-2352-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201401-298" } ], "trust": 0.8 } }
var-201404-0552
Vulnerability from variot
Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code contained in kxNetDispose.dll. The parent service is called AEserver.exe and listens on port 12401. The process performs arithmetic on a user-supplied value used to determine the size of a copy operation, allowing a potential integer wrap to cause a stack buffer overflow. An unauthenticated attacker can leverage this vulnerability to execute code under the context of the SYSTEM user. The KingSCADA family of products is a Windows-based monitoring and data acquisition application. WellinTech KingSCADA is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will likely cause denial-of-service conditions. KingSCADA versions prior to 3.1.2.13 are vulnerable.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0552", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "kingscada", "scope": "eq", "trust": 1.6, "vendor": "wellintech", "version": "3.1" }, { "model": "kingscada", "scope": null, "trust": 1.3, "vendor": "wellintech", "version": null }, { "model": "kingscada", "scope": "lte", "trust": 1.0, "vendor": "wellintech", 
"version": "3.1.2" }, { "model": "kingscada", "scope": "lt", "trust": 0.8, "vendor": "wellintech", "version": "3.1.2.13" }, { "model": "kingscada", "scope": "eq", "trust": 0.6, "vendor": "wellintech", "version": "3.1.2" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "kingscada", "version": "3.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "kingscada", "version": "*" }, { "model": "kingscada", "scope": "eq", "trust": 0.3, "vendor": "wellintech", "version": "3.0" } ], "sources": [ { "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-071" }, { "db": "CNVD", "id": "CNVD-2014-02211" }, { "db": "BID", "id": "66709" }, { "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "db": "CNNVD", "id": "CNNVD-201404-179" }, { "db": "NVD", "id": "CVE-2014-0787" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:wellintech:kingscada", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001985" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Anonymous", "sources": [ { "db": "ZDI", "id": "ZDI-14-071" } ], "trust": 0.7 }, "cve": "CVE-2014-0787", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, 
"severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CVE-2014-0787", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 2.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CNVD-2014-02211", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "16b033d0-2352-11e6-abef-000c29c66e3d", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "101475fc-1ee0-11e6-abef-000c29c66e3d", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" } ], "cvssV3": [], 
"severity": [ { "author": "nvd@nist.gov", "id": "CVE-2014-0787", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2014-0787", "trust": 0.8, "value": "High" }, { "author": "ZDI", "id": "CVE-2014-0787", "trust": 0.7, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2014-02211", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201404-179", "trust": 0.6, "value": "CRITICAL" }, { "author": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "CRITICAL" }, { "author": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "CRITICAL" }, { "author": "VULMON", "id": "CVE-2014-0787", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-071" }, { "db": "CNVD", "id": "CNVD-2014-02211" }, { "db": "VULMON", "id": "CVE-2014-0787" }, { "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "db": "CNNVD", "id": "CNNVD-201404-179" }, { "db": "NVD", "id": "CVE-2014-0787" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. Authentication is not required to exploit this vulnerability.The specific flaw exists within the protocol parsing code contained in kxNetDispose.dll. The parent service is called AEserver.exe and listens on port 12401. The process performs arithmetic on an user-supplied value used to determine the size of a copy operation allowing a potential integer wrap to cause a stack buffer overflow. An unauthenticated attacker can leverage this vulnerability to execute code under the context of the SYSTEM user. 
The KingSCADA family of products is a Windows-based monitoring and data acquisition application. WellinTech KingSCADA is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will likely cause denial-of-service conditions. \nKingSCADA versions prior to 3.1.2.13 is vulnerable", "sources": [ { "db": "NVD", "id": "CVE-2014-0787" }, { "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "db": "ZDI", "id": "ZDI-14-071" }, { "db": "CNVD", "id": "CNVD-2014-02211" }, { "db": "BID", "id": "66709" }, { "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "db": "VULMON", "id": "CVE-2014-0787" } ], "trust": 3.51 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42724", "trust": 0.1, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-0787" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-0787", "trust": 4.5 }, { "db": "ICS CERT", "id": "ICSA-14-098-02", "trust": 3.1 }, { "db": "BID", "id": "66709", "trust": 2.0 }, { "db": "EXPLOIT-DB", "id": "42724", "trust": 1.1 }, { "db": "CNVD", "id": "CNVD-2014-02211", "trust": 1.0 }, { "db": "CNNVD", "id": "CNNVD-201404-179", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2014-001985", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-1780", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-14-071", "trust": 0.7 }, { "db": "OSVDB", "id": "105574", "trust": 0.6 }, { "db": 
"IVD", "id": "16B033D0-2352-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "101475FC-1EE0-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULMON", "id": "CVE-2014-0787", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-071" }, { "db": "CNVD", "id": "CNVD-2014-02211" }, { "db": "VULMON", "id": "CVE-2014-0787" }, { "db": "BID", "id": "66709" }, { "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "db": "CNNVD", "id": "CNNVD-201404-179" }, { "db": "NVD", "id": "CVE-2014-0787" } ] }, "id": "VAR-201404-0552", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-02211" } ], "trust": 1.6 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.0 } ], "sources": [ { "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-02211" } ] }, "last_update_date": "2024-11-23T22:27:20.382000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Software Download", "trust": 0.8, "url": "http://www.wellintech.com/index.php?option=com_content\u0026amp;view=article\u0026amp;id=56\u0026amp;Itemid=11" }, { "title": 
"KingSCADA", "trust": 0.8, "url": "http://www.wellintech.co.jp/KaisyaSeihin.htm#KingSCADA" }, { "title": "WellinTech has issued an update to correct this vulnerability.", "trust": 0.7, "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-098-02" }, { "title": "WellinTech KingSCADA Stack Buffer Overflow Vulnerability Patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/44743" }, { "title": "KingSCADA3.1.2.13_EN", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49249" } ], "sources": [ { "db": "ZDI", "id": "ZDI-14-071" }, { "db": "CNVD", "id": "CNVD-2014-02211" }, { "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "db": "CNNVD", "id": "CNNVD-201404-179" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "db": "NVD", "id": "CVE-2014-0787" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.9, "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-098-02" }, { "trust": 1.2, "url": "https://www.exploit-db.com/exploits/42724/" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/66709" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0787" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0787" }, { "trust": 0.6, "url": "http://osvdb.com/show/osvdb/105574" }, { "trust": 0.3, "url": "http://en.wellintech.com/products/detail.aspx?contentid=14" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": 
"http://tools.cisco.com/security/center/viewalert.x?alertid=33710" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "ZDI", "id": "ZDI-14-071" }, { "db": "CNVD", "id": "CNVD-2014-02211" }, { "db": "VULMON", "id": "CVE-2014-0787" }, { "db": "BID", "id": "66709" }, { "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "db": "CNNVD", "id": "CNNVD-201404-179" }, { "db": "NVD", "id": "CVE-2014-0787" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "db": "ZDI", "id": "ZDI-14-071" }, { "db": "CNVD", "id": "CNVD-2014-02211" }, { "db": "VULMON", "id": "CVE-2014-0787" }, { "db": "BID", "id": "66709" }, { "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "db": "CNNVD", "id": "CNNVD-201404-179" }, { "db": "NVD", "id": "CVE-2014-0787" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-04-11T00:00:00", "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "date": "2014-04-11T00:00:00", "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "date": "2014-04-10T00:00:00", "db": "ZDI", "id": "ZDI-14-071" }, { "date": "2014-04-11T00:00:00", "db": "CNVD", "id": "CNVD-2014-02211" }, { "date": "2014-04-12T00:00:00", "db": "VULMON", "id": "CVE-2014-0787" }, { "date": "2014-04-08T00:00:00", "db": "BID", "id": "66709" }, { "date": "2014-04-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "date": "2014-04-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-179" }, { "date": "2014-04-12T04:37:31.737000", "db": "NVD", "id": "CVE-2014-0787" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-04-10T00:00:00", 
"db": "ZDI", "id": "ZDI-14-071" }, { "date": "2014-04-11T00:00:00", "db": "CNVD", "id": "CNVD-2014-02211" }, { "date": "2017-09-17T00:00:00", "db": "VULMON", "id": "CVE-2014-0787" }, { "date": "2014-08-01T00:22:00", "db": "BID", "id": "66709" }, { "date": "2014-04-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-001985" }, { "date": "2014-04-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201404-179" }, { "date": "2024-11-21T02:02:48.227000", "db": "NVD", "id": "CVE-2014-0787" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201404-179" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WellinTech KingSCADA Stack Buffer Overflow Vulnerability", "sources": [ { "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-02211" } ], "trust": 1.0 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow", "sources": [ { "db": "IVD", "id": "16b033d0-2352-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "101475fc-1ee0-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201404-179" } ], "trust": 1.0 } }
CVE-2013-2826 (GCVE-0-2013-2826)
Vulnerability from cvelistv5
- n/a
URL | Tags |
---|---|
http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:52:20.967Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-01-14T00:00:00", "descriptions": [ { "lang": "en", "value": "WellinTech KingSCADA before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-01-15T16:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2013-2826", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "WellinTech KingSCADA before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01", "refsource": "MISC", "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2013-2826", "datePublished": "2014-01-15T16:00:00", "dateReserved": "2013-04-11T00:00:00", "dateUpdated": "2024-08-06T15:52:20.967Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1977 (GCVE-0-2012-1977)
Vulnerability from cvelistv5
Vendor | Product | Version |
---|---|---|
WellinTech | KingSCADA | Version: 3.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T19:17:27.498Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://dsecrg.com/pages/vul/show.php?id=405" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-129-01.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "KingSCADA", "vendor": "WellinTech", "versions": [ { "status": "affected", "version": "3.0" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Independent researchers Alexandr Polyakov and Alexey Sintsov from DSecRG identified an unsecure password encryption vulnerability in WellinTech KingSCADA application." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eWellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file.\u003c/p\u003e" } ], "value": "WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file." 
} ], "metrics": [ { "cvssV2_0": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.0" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-311", "description": "CWE-311", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-26T21:30:25.305Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-129-01" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eWellinTech has provided the following link to the latest version of KingSCADA: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://download.kingview.com/software/KingSCADA/EN/KingSCADA3.1_2012-04-16EN.rar\"\u003ehttp://download.kingview.com/software/KingSCADA/EN/KingSCADA3.1_2012-04-16EN.rar\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eAccording to WellinTech, this new version securely hashes passwords.\u003c/p\u003e" } ], "value": "WellinTech has provided the following link to the latest version of KingSCADA: http://download.kingview.com/software/KingSCADA/EN/KingSCADA3.1_2012-04-16EN.rar .\n\nAccording to WellinTech, this new version securely hashes passwords." 
} ], "source": { "advisory": "ICSA-12-129-01", "discovery": "EXTERNAL" }, "title": "WellinTech KingSCADA Missing Encryption of Sensitive Data", "x_generator": { "engine": "Vulnogram 0.2.0" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2012-1977", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://dsecrg.com/pages/vul/show.php?id=405", "refsource": "MISC", "url": "http://dsecrg.com/pages/vul/show.php?id=405" }, { "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-129-01.pdf", "refsource": "MISC", "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-129-01.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2012-1977", "datePublished": "2012-05-09T10:00:00Z", "dateReserved": "2012-03-30T00:00:00Z", "dateUpdated": "2025-06-26T21:30:25.305Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-20410 (GCVE-0-2018-20410)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:58:19.268Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-12-24T02:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20410", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. 
The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py", "refsource": "MISC", "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py" }, { "name": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md", "refsource": "MISC", "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20410", "datePublished": "2018-12-24T02:00:00Z", "dateReserved": "2018-12-23T00:00:00Z", "dateUpdated": "2024-09-16T16:18:42.221Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0787 (GCVE-0-2014-0787)
Vulnerability from cvelistv5
URL | Tags |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-14-098-02 | |
https://www.exploit-db.com/exploits/42724/ | exploit, x_refsource_EXPLOIT-DB |
http://www.securityfocus.com/bid/66709 | vdb-entry, x_refsource_BID |
http://www.wellintech.com/index.php?option=com_content&view=article&id=56&Itemid=11 | |
Vendor | Product | Version |
---|---|---|
WellinTech | KingSCADA | Version: 0 < v3.1.2.13 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:27:19.475Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02" }, { "name": "42724", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/42724/" }, { "name": "66709", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/66709" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "KingSCADA", "vendor": "WellinTech", "versions": [ { "lessThan": "v3.1.2.13", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "HP\u2019s Zero Day Initiative" } ], "datePublic": "2014-04-08T06:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eStack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet.\u003c/p\u003e" } ], "value": "Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet." 
} ], "metrics": [ { "cvssV2_0": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-09-25T17:39:03.344Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-098-02" }, { "name": "42724", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/42724/" }, { "name": "66709", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/66709" }, { "url": "http://www.wellintech.com/index.php?option=com_content\u0026view=article\u0026id=56\u0026Itemid=11" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eWellinTech has created a patch and instructions for installation that are available for download on its web site at:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.wellintech.com/index.php?option=com_content\u0026amp;view=article\u0026amp;id=56\u0026amp;Itemid=11\"\u003ehttp://www.wellintech.com/index.php?option=com_content\u0026amp;view=article\u0026amp;id=56\u0026amp;Itemid=11\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e" } ], "value": "WellinTech has created a patch and instructions for installation that are available for download on its web site at:\n\n http://www.wellintech.com/index.php?option=com_content\u0026view=article\u0026id=56\u0026Itemid=11" } ], "source": { "advisory": "ICSA-14-098-02", "discovery": "EXTERNAL" }, "title": "WellinTech 
KingSCADA Stack-based Buffer Overflow", "x_generator": { "engine": "Vulnogram 0.2.0" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2014-0787", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02", "refsource": "MISC", "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02" }, { "name": "42724", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/42724/" }, { "name": "66709", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66709" } ] } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2014-0787", "datePublished": "2014-04-12T01:00:00", "dateReserved": "2014-01-02T00:00:00", "dateUpdated": "2025-09-25T17:39:03.344Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-2827 (GCVE-0-2013-2827)
Vulnerability from cvelistv5
- n/a
URL | Tags |
---|---|
http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:52:20.033Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-01-14T00:00:00", "descriptions": [ { "lang": "en", "value": "An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-01-15T16:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2013-2827", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01", "refsource": "MISC", "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2013-2827", "datePublished": "2014-01-15T16:00:00", "dateReserved": "2013-04-11T00:00:00", "dateUpdated": "2024-08-06T15:52:20.033Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
wellintech | kingscada | * | |
wellintech | kingscada | 3.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:wellintech:kingscada:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D6F0298-5D33-41C4-A465-8E00F7043E85", "versionEndIncluding": "3.1.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:wellintech:kingscada:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "437805D6-8D09-44BE-992C-F51CF0DAD803", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet." }, { "lang": "es", "value": "Desbordamiento de buffer basado en pila en WellinTech KingSCADA anterior a 3.1.2.13 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete manipulado." } ], "id": "CVE-2014-0787", "lastModified": "2025-09-25T18:15:36.003", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "ics-cert@hq.dhs.gov", "type": "Secondary", "userInteractionRequired": false }, { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": 
"Primary", "userInteractionRequired": false } ] }, "published": "2014-04-12T04:37:31.737", "references": [ { "source": "ics-cert@hq.dhs.gov", "url": "http://www.securityfocus.com/bid/66709" }, { "source": "ics-cert@hq.dhs.gov", "url": "http://www.wellintech.com/index.php?option=com_content\u0026view=article\u0026id=56\u0026Itemid=11" }, { "source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-098-02" }, { "source": "ics-cert@hq.dhs.gov", "url": "https://www.exploit-db.com/exploits/42724/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/66709" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/42724/" } ], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-121" } ], "source": "ics-cert@hq.dhs.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md | Third Party Advisory | |
cve@mitre.org | https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py | Exploit, Third Party Advisory |
Vendor | Product | Version | |
---|---|---|---|
wellintech | kingscada | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:wellintech:kingscada:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EAC82E2-B3AC-423E-B486-F87314DE37D7", "versionEndExcluding": "3.7.0.0.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401." }, { "lang": "es", "value": "WellinTech KingSCADA, en versiones anteriores a la 3.7.0.0.1, contiene un desbordamiento de b\u00fafer basado en pila. La vulnerabilidad se desencadena al enviar un paquete especialmente manipulado al servicio AlarmServer (AEserver.exe) que escucha en el puerto TCP 12401." } ], "id": "CVE-2018-20410", "lastModified": "2024-11-21T04:01:26.123", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, 
"published": "2018-12-24T02:29:00.233", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
ics-cert@hq.dhs.gov | http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01 | Patch, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01 | Patch, US Government Resource |
Vendor | Product | Version | |
---|---|---|---|
wellintech | kingalarm\&event | * | |
wellintech | kinggraphic | * | |
wellintech | kingscada | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:wellintech:kingalarm\\\u0026event:*:*:*:*:*:*:*:*", "matchCriteriaId": "300D5A7D-D07F-43CF-BE26-31A6BE788628", "versionEndIncluding": "2.0.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:wellintech:kinggraphic:*:*:*:*:*:*:*:*", "matchCriteriaId": "507960DD-82AA-4314-B85F-D2C79EBB3350", "versionEndIncluding": "3.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:wellintech:kingscada:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE5B1C33-BAB3-4354-B199-B6D7404EF1B6", "versionEndIncluding": "3.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value." }, { "lang": "es", "value": "Un control ActiveX no especificado en WellinTech KingSCADA anteriores a 3.1.2, KingAlarm Event anteriores a 3.1, y KingGraphic anteriores a 3.1.2 permite a atacantes remotos descargar c\u00f3digo DLL arbitrariamente en una m\u00e1quina cliente y ejecutar dicho c\u00f3digo a trav\u00e9s de la propiedad ProjectURL." 
} ], "id": "CVE-2013-2827", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-01-15T16:08:18.173", "references": [ { "source": "ics-cert@hq.dhs.gov", "tags": [ "Patch", "US Government Resource" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "US Government Resource" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" } ], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
ics-cert@hq.dhs.gov | http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01 | Patch, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01 | Patch, US Government Resource |
Vendor | Product | Version | |
---|---|---|---|
wellintech | kingalarm\&event | * | |
wellintech | kinggraphic | * | |
wellintech | kingscada | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:wellintech:kingalarm\\\u0026event:*:*:*:*:*:*:*:*", "matchCriteriaId": "300D5A7D-D07F-43CF-BE26-31A6BE788628", "versionEndIncluding": "2.0.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:wellintech:kinggraphic:*:*:*:*:*:*:*:*", "matchCriteriaId": "507960DD-82AA-4314-B85F-D2C79EBB3350", "versionEndIncluding": "3.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:wellintech:kingscada:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE5B1C33-BAB3-4354-B199-B6D7404EF1B6", "versionEndIncluding": "3.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WellinTech KingSCADA before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130." }, { "lang": "es", "value": "WellinTech KingSCADA anteriores a 3.1.2, KingAlarm Event anteriores a 3.1, y KingGraphic anteriores a 3.1.2 realizan autenticaci\u00f3n en la consola KAEClientManager en lugar de en el servidor, lo cual permite a atacantes remotos sortear restricciones de acceso y descubrir credenciales a trav\u00e9s de paquetes manipulados en el puerto 8130." 
} ], "id": "CVE-2013-2826", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-01-15T16:08:18.140", "references": [ { "source": "ics-cert@hq.dhs.gov", "tags": [ "Patch", "US Government Resource" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "US Government Resource" ], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01" } ], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }