WellinTech KingView History Server Buffer Overflow
Act NowICS-CERT ICSA-11-355-02Sep 23, 2011
Summary
WellinTech KingView HistoryServer contains a buffer overflow vulnerability (CWE-119) that could allow an attacker to execute arbitrary code or crash the service. Affected version: 65.30.2010.18018.
What this means
What could happen
An attacker could crash the KingView HistoryServer or execute arbitrary code on the historian system, potentially allowing them to tamper with historical process data or disrupt real-time data logging for your plant.
Who's at risk
Operators of water and utility systems using WellinTech KingView for SCADA/historian functionality should assess this risk. The vulnerability affects systems using KingView HistoryServer 65.30.2010.18018 or earlier versions.
How it could be exploited
An attacker with network access to the HistoryServer's service port could send a specially crafted input that overflows a buffer in the application, allowing them to inject and execute arbitrary code on the historian system.
Prerequisites
- Network access to KingView HistoryServer service port
- Ability to send malformed input to the vulnerable service
buffer overflow vulnerabilityremotely exploitableno patch availableaffects data historian and real-time logging31% EPSS score indicates moderate exploit probability
Exploitability
High exploit probability (EPSS 31.0%)
Affected products (1)
ProductAffected VersionsFix Status
Kingview HistoryServer: 65.30.2010.1801865.30.2010.18018No fix (EOL)
Remediation & Mitigation
0/3
Do now
0/2HARDENINGIsolate KingView HistoryServer from untrusted networks using network segmentation or firewall rules to restrict access to only authorized engineering workstations and control systems
WORKAROUNDContact WellinTech directly to inquire about security patches, firmware updates, or end-of-life status for version 65.30.2010.18018
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HARDENINGMonitor network traffic to the HistoryServer service port for suspicious activity or connection attempts
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/02429ef3-c583-469b-ba70-f949a20cb2fc