WellinTech KingSCADA < 3.1.2.13-EN 'kxNetDispose.dll' Buffer Overflow RCE

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The WellinTech KingSCADA server installed on the remote host is
affected by a remote code execution vulnerability.

Description :

The WellinTech KingSCADA server installed on the remote host is a
version prior to 3.1.2.13-EN. It is, therefore, affected by a
stack-based buffer overflow flaw in 'kxNetDispose.dll' due to improper
validation of user-supplied input. A remote, unauthenticated attacker
can exploit this by sending a specially crafted packet whose values are
used in the calculation of copy operation sizes, causing the structured
exception handler (SEH) to be overwritten and resulting in the
execution of arbitrary code or a denial of service.

See also :

https://ics-cert.us-cert.gov/advisories/ICSA-14-098-02
http://www.zerodayinitiative.com/advisories/ZDI-14-071/

Solution :

Upgrade KingSCADA to version 3.1.2.13-EN.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: SCADA

Nessus Plugin ID: 81553

Bugtraq ID: 66709

CVE ID: CVE-2014-0787
