1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: WellinTech KingSCADA CVE-2014-0787

Attack: WellinTech KingSCADA CVE-2014-0787

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts of leveraging a stack buffer overflow in WellinTech KingSCADA which could lead to arbitrary code execution.

Additional Information

WellinTech KingSCADA is a SCADA application for monitoring and controlling automation equipment and process products.

WellinTech KingSCADA is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Specifically, this issue exists in the protocol parsing code contained in 'kxNetDispose.dll'.

An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will likely cause denial-of-service conditions.

Affected

  • KingSCADA versions prior to 3.1.2.13 is vulnerable.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube