Source: SAINT Corporation
ID: SAINT:6A49AE550CE9DAA5F12C8110CAE2A91D
Published: Mar 22, 2013

WellinTech KingView KingMess.exe Log File Parsing Overflow

download.saintcorporation.com

CVSS2: 10
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.851
Percentile: 98.5%

Added: 03/22/2013
CVE: CVE-2012-4711
BID: 57909
OSVDB: 89690

Background

WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally.

Problem

WellinTech KingView **KingMess.exe** is vulnerable to a buffer overflow because it does not properly sanitize user-supplied input when parsing log files. By enticing a user to open a specially crafted file, an attacker could execute arbitrary code in the context of the user running the vulnerable application.

Resolution

Apply the appropriate vendor-supplied patch for the vulnerable version of KingView installed (6.52, 6.53 or 6.55).

References

<http://ics-cert.us-cert.gov/pdf/ICSA-13-043-02.pdf>
<http://secunia.com/advisories/52190/>

Limitations

This exploit was tested against WellinTech KingView 6.53 on Windows XP SP3 English and Windows 7 SP1, both with DEP OptIn.

The user must save the **KVL** file and open it with WellinTech KingView to trigger the vulnerability.

Platforms

Windows
