CVE-2014-0787
critical
CVSS v3
—
CVSS v2
10.0
VIR risk
10.0
Description
Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
References
- http://www.securityfocus.com/bid/66709
- http://www.wellintech.com/index.php?option=com_content&view=article&id=56&Itemid=11
- https://www.cisa.gov/news-events/ics-advisories/icsa-14-098-02
- https://www.exploit-db.com/exploits/42724/
- http://ics-cert.us-cert.gov/advisories/ICSA-14-098-02
- http://www.securityfocus.com/bid/66709
- https://www.exploit-db.com/exploits/42724/
CWEs
CWE-121 CWE-119
Verify integrity in audit chain (admin only). AS-IS.