WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401.
References
Link | Resource |
---|---|
https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py | Exploit Third Party Advisory |
https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md | Third Party Advisory |
Configurations
Information
Published : 2018-12-23 18:29
Updated : 2020-08-24 10:37
NVD link : CVE-2018-20410
Mitre link : CVE-2018-20410
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
wellintech
- kingscada