CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
95.2%
According to its version, the instance of WellinTech KingView installed on the remote Windows host is affected by multiple vulnerabilities:
A denial of service vulnerability in ‘NetGenius.exe’ when parsing invalid pointer packets resulting in a buffer overflow.
A directory traversal vulnerability in ‘Touchvew.exe’ due to not sanitizing user input.
An insecure DLL loading vulnerability. (CVE-2012-1819)
A stack-based buffer overflow vulnerability that may be exploited via a specially-crafted packet sent to port 555. (CVE-2012-1830)
A heap-based buffer overflow vulnerability that may be exploited via a specially-crafted packet sent to port 555. (CVE-2012-1831)
An out-of-bounds read error that may be exploited via a specially-crafted packet sent to port 2001.
(CVE-2012-1832)
A directory traversal vulnerability that may be exploited via a specially-crafted HTTP GET request on port 8001. (CVE-2012-2560)
Binary data scada_kingview_6_53_2012-03-22.nbin
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1819
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1830
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1831
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2560
en.wellintech.com/news/detail.aspx?contentid=168
web.archive.org/web/20110421065111/http://en.wellintech.com:80/products/detail.aspx?contentid=15
www.wellintech.com/index.php/news/33-patch-for-kingview653