59 matches found
WellinTech KingSCADA KingAlarm & Event KAEManageServer Information Disclosure Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingSCADA KingAlarm&Event.; Authentication is not required to exploit this vulnerability. The specific flaw exists within KAEManageServer.exe, which listens by default on TCP port 8130...
WellinTech KingScada KingGraphic kxClientDownload ActiveX Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingScada KingGraphics. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
CVE-2013-2827
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value...
Authentication flaw
WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP...
Code injection
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value...
CVE-2013-2826
CVE-2013-2826 affects WellinTech KingSCADA prior to 3.1.2, KingAlarm&Event prior to 3.1, and KingGraphic prior to 3.1.2. Authentication is performed at the KAEClientManager console, not the server, enabling a remote attacker to discover credentials by sending a crafted packet to TCP port 8130. Co...
CVE-2013-2826
WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP...
CVE-2013-2827
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value...
CVE-2013-2827
CVE-2013-2827 concerns an unresolved ActiveX control in WellinTech KingSCADA (before 3.1.2), KingAlarm&Event (before 3.1), and KingGraphic (before 3.1.2) that allows remote code execution by abusing the ProjectURL property to download and execute a DLL on a client. Root cause: insufficient saniti...
WellinTech Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on December 10, 2013, and is now being released to the NCCIC/ICS-CERT Web site. NCCIC/ICS-CERT received reports from the Zero Day Initiative ZDI regarding a remote code execution vulnerability and an information...
PT-2013-89: XML External Entities Resolution vulnerability in KingSCADA
The specialists of the Positive Research center have detected an XML External Entities Resolution vulnerability in KingSCADA. The vulnerability is possible due to unsafe parsing of XML external entities. If an attacker manages to make a victim open a project that contains specially crafted XML,...
WellinTech KingSCADA Detection
Binary data scadaappwellintechkingscadadetect.nbin...
WellinTech KingSCADA 3.1 < 2012-04-16 user.db Base-64 Encoding Local Credentials Disclosure
Binary data scadakingscada312012-04-16.nbin...
CVE-2012-1977
WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file...
Design/Logic Flaw
WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file...
CVE-2012-1977
WellinTech KingSCADA 3.0 stores passwords in user.db using a cleartext base64 format, enabling attackers with access to read the file to obtain passwords. Root cause: missing encryption of sensitive data. Impact: attacker could log in using decoded credentials; vulnerability described as remotely...
CVE-2012-1977 WellinTech KingSCADA Missing Encryption of Sensitive Data
WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file...
PT-2012-3707 · Wellintech · Kingscada
Name of the Vulnerable Software and Affected Versions: WellinTech KingSCADA version 3.0 Description: The issue concerns the storage of passwords in a cleartext base64 format within the user.db file, allowing attackers to obtain sensitive information by reading this file. Recommendations: For...
WellinTech KingSCADA Insecure Password Encryption
Overview This advisory is a follow-up to the alert titled “ICS-ALERT-12-020-06 - WellinTech KingSCADA Insecure Password Encryption Vulnerability” that was published January 20, 2012, on the ICS-CERT web page. Independent researchers Alexandr Polyakov and Alexey Sintsov from DSecRG identified an...