WellinTech KingView KingMess.exe Log File Parsing Overflow

Added: 03/22/2013
CVE: CVE-2012-4711
BID: 57909
OSVDB: 89690

Background

WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally.

Problem

WellinTech KingView KingMess.exe is vulnerable to buffer overflow as a result of not properly sanitizing user-supplied input when parsing log files. By enticing a user to open a specially crafted file, an attacker could execute arbitrary code in the context of the user running the vulnerable application.

Resolution

Apply the appropriate vendor-supplied patch for the vulnerable version of KingView installed (6.52, 6.53 or 6.55).

References

http://ics-cert.us-cert.gov/pdf/ICSA-13-043-02.pdf
http://secunia.com/advisories/52190/

Limitations

This exploit was tested against WellinTech KingView 6.53 on Windows XP SP3 English and Windows 7 SP1, both with DEP OptIn.

The user must save the KVL file and open it with WellinTech KingView to trigger the vulnerability.

Platforms

Windows

Back to exploit index