CVE-2022-43663
published 2023-03-20CVE-2022-43663: An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network…
PriorityP264critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
14.04%
96.1th percentile
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wellintech | kinghistorian | — | — |
Detection & IOCsextracted from sources · hover to see the quote
snort↗
61093
- →Target the RecvPacket function within SORBAx64.dll; exploitation is triggered by a specially crafted network packet causing a signed-to-unsigned integer conversion error leading to buffer overflow. ↗
- →Exploitation is remotely triggered with low attack complexity and no authentication required; monitor for anomalous network packets targeting KingHistorian services. ↗
- →Use Snort rule 61093 for detection; check Cisco Secure Firewall Management Center or Snort.org for the latest rule updates. ↗
- ·Vulnerability is confirmed only in KingHistorian version 35.01.00.05; other versions are not confirmed affected. ↗
- ·Public exploits are available for this vulnerability, elevating urgency for detection and patching. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
WellinTech KingHistorian
cisa_ics·2023-07-18·CVSS 8.1
[HIGH] WellinTech KingHistorian
ICS Advisory
##
WellinTech KingHistorian
Release DateJuly 18, 2023
Alert CodeICSA-23-199-07
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.1
- ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
- Vendor: WellinTech
- Equipment: KingHistorian
- Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Signed to Unsigned Conversion Error
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or send malicious data which can lead to a buffer overflow.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of WellinTech KingHistorian, a time-series database, are affected:
-
KingHistorian: version 35.01.00.05
## 3.2 VULNERABIL
GHSA
GHSA-488p-w8x3-xh6m: An integer conversion vulnerability exists in the SORBAx64
ghsa_unreviewed·2023-03-20
CVE-2022-43663 [CRITICAL] CWE-195 GHSA-488p-w8x3-xh6m: An integer conversion vulnerability exists in the SORBAx64
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
No detection rules found.
No public exploits indexed.
Checkpoint
27th March – Threat Intelligence Report
blogs_checkpoint·2023-03-27·CVSS 7.2
CVE-2023-0669 [HIGH] 27th March – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 27th March – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 27th March, please download our Threat_Intelligence Bulletin
TOP ATTACKS AND BREACHES
New victims of Clop ransomware gang that leveraged for the attack purpose a zero-day security flaw (CVE-2023-0669) in the Fortra GoAnywhere Managed File Transfer system were disclosed. Among those are the American luxury brand retailer Saks Fifth Avenue , and City of Toronto .
Check Point IPS, Threat Emulation and Harmony Endp
Talos
Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
blogs_talos·2023-03-21·CVSS 8.1
CVE-2022-45124 [HIGH] Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
Cisco Talos recently discovered two vulnerabilities in WellinTech’s KingHistorian industrial control systems data manager.
KingHistorian is a time-series database that allows users to ingest and process large amounts of data from ICS, including built-in statistical analysis.
Talos discovered an information disclosure vulnerability (TALOS-2022-1683/CVE-2022-45124) in the software’s user authentication function. If an adversary could capture an authentication packet, it contains all the necessary information to steal the target user’s username and password for the software.
Another vulnerability, TALOS-2022-1674 (CVE-2022-43663) exists in a DLL in the software that could allow an adversary to cause a buffer overflow by sending a malicious packet to the targeted machine.
Cisco Talos worke
Talos
Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
blogs_talos·2023-03-21·CVSS 8.1
CVE-2022-45124 [HIGH] Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
## Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
Cisco Talos recently discovered two vulnerabilities in WellinTech’s KingHistorian industrial control systems data manager.
KingHistorian is a time-series database that allows users to ingest and process large amounts of data from ICS, including built-in statistical analysis.
Talos discovered an information disclosure vulnerability ( TALOS-2022-1683 /CVE-2022-45124) in the software’s user authentication function. If an adversary could capture an authentication packet, it contains all the necessary information to steal the target user’s username and password for the software.
Another vulnerability, TALOS-2022-1674 (CVE-2022-43663) exists in a DLL in the software that
2023-03-20
Published