WellinTech KingSCADA 3.1 < 2012-04-16 user.db Base-64 Encoding Local Credentials Disclosure

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.

Synopsis :

The remote Windows host contains an application that stores passwords

Description :

According to its version, the instance of WellinTech KingSCADA
installed on the remote Windows host stores passwords in an
obfuscated, but not hashed format. This may enable attackers with
access to a KingSCADA project, either locally through the filesystem
or remotely though DCOM, to retrieve the passwords and use them in
further attacks.

See also :


Solution :

Upgrade to the new version referenced in the advisory.

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 59502 ()

Bugtraq ID: 51582

CVE ID: CVE-2012-1977