WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally.
**KingMess.exe** is vulnerable to buffer overflow as a result of not properly sanitizing user-supplied input when parsing log files. By enticing a user to open a specially crafted file, an attacker could execute arbitrary code in the context of the user running the vulnerable application.
Apply the appropriate vendor-supplied patch for the vulnerable version of KingView installed (6.52, 6.53 or 6.55).
This exploit was tested against WellinTech KingView 6.53 on Windows XP SP3 English and Windows 7 SP1, both with DEP OptIn.
The user must save the
**KVL** file and open it with WellinTech KingView to trigger the vulnerability.