CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.5%
Added: 03/22/2013
CVE: CVE-2012-4711
BID: 57909
OSVDB: 89690
WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally.
WellinTech KingView **KingMess.exe**
is vulnerable to buffer overflow as a result of not properly sanitizing user-supplied input when parsing log files. By enticing a user to open a specially crafted file, an attacker could execute arbitrary code in the context of the user running the vulnerable application.
Apply the appropriate vendor-supplied patch for the vulnerable version of KingView installed (6.52, 6.53 or 6.55).
<http://ics-cert.us-cert.gov/pdf/ICSA-13-043-02.pdf>
<http://secunia.com/advisories/52190/>
This exploit was tested against WellinTech KingView 6.53 on Windows XP SP3 English and Windows 7 SP1, both with DEP OptIn.
The user must save the **KVL**
file and open it with WellinTech KingView to trigger the vulnerability.
Windows