CVE-2012-2559
published 2012-07-05CVE-2012-2559: WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP…
PriorityP352critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
4.59%
90.5th percentile
WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP port 5678.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wellintech | kinghistorian | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
WellinTech KingView Multiple Vulnerabilities
cisa_ics·2014-09-02
WellinTech KingView Multiple Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
WellinTech KingView Multiple Vulnerabilities
Last RevisedSeptember 02, 2014
Alert CodeICSA-12-185-01
## Overview
Independent researchers Carlos Mario Penagos Hollman and Dillon Beresford identified multiple vulnerabilities in WellinTech’s KingView and a single vulnerability in WellinTech’s KingHistorian application. These vulnerabilities are exploitable remotely. WellinTech has created a patch and the researchers have validated that the patch resolves these vulnerabilities in the KingView and KingHistorian applications.
## Affected Products
The following products and versions
GHSA
GHSA-fcpc-v53r-2wxj: WellinTech KingHistorian 3
ghsa_unreviewed·2022-05-17
CVE-2012-2559 [HIGH] GHSA-fcpc-v53r-2wxj: WellinTech KingHistorian 3
WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP port 5678.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2012-07-05
Published