Lucene search
AnonymousZDI-14-071HistoryApr 10, 2014 - 12:00 a.m.
WellinTech KingScada AEserver.exe Remote Code Execution Vulnerability
2014-04-1000:00:00
Anonymous
www.zerodayinitiative.com
30
EPSS
0.367
Percentile
97.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingScada. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code contained in kxNetDispose.dll. The parent service is called AEserver.exe and listens on port 12401. The process performs arithmetic on an user-supplied value used to determine the size of a copy operation allowing a potential integer wrap to cause a stack buffer overflow. An unauthenticated attacker can leverage this vulnerability to execute code under the context of the SYSTEM user.
Related
seebug
seebug
WellinTech KingSCADAζͺζθΏη¨ζ ηΌε²εΊζΊ’εΊζΌζ΄
2014-04-11 00:00:00
zdt
zdt
KingScada AlarmServer 3.1.2.13 Buffer Overflow Exploit
2017-09-15 00:00:00
checkpoint_advisories
checkpoint_advisories
WellinTech KingSCADA kxNetDispose.dll Stack Buffer Overflow (CVE-2014-0787)
2014-07-27 00:00:00
cve
cve
CVE-2014-0787
2014-04-12 04:37:31
ics
ics
WellinTech KingSCADA Stack-Based Buffer Overflow
2018-09-06 12:00:00
prion
prion
Stack overflow
2014-04-12 04:37:00
packetstorm
packetstorm
KingScada AlarmServer 3.1.2.13 Buffer Overflow
2017-09-15 00:00:00
cvelist
cvelist
CVE-2014-0787
2014-04-12 01:00:00
exploitdb
exploitdb
KingScada AlarmServer 3.1.2.13 - Remote Stack Buffer Overflow (Metasploit)
2017-09-14 00:00:00
nvd
nvd
CVE-2014-0787
2014-04-12 04:37:31