Patch Ready for KingView Hole

Wednesday, May 2, 2012 @ 12:05 PM gHale

WellinTech created a patch that resolves the DLL Hijack vulnerability in its KingView application, according to an ICS-CERT report.

The following product suffers from the vulnerability: WellinTech KingView 6.53. Independent researcher Carlos Mario PeƱagos Hollman, who discovered the vulnerability, tested the patch and verified it resolves the vulnerability.

RELATED STORIES
RuggedCom Backdoor Patch in Works
Certec Patches Vulnerabilities
Koyo Finalizes Firmware Fix
MICROSYS Patches SCADA/HMI Line

A successful exploit of this vulnerability could lead to arbitrary code execution.

WellinTech is a software development company specializing in the automation and control industry based in Beijing, China, with branches in United States, Japan, Singapore, Europe, and Taiwan.

The KingView product is a Windows-based control, monitoring, and data collection application deployed across several industries including power, water, building automation, mining, and other sectors, company officials said.

An attacker may place a malicious DLL in a directory where it will load before the valid DLL. An attacker must have access to the host file system to exploit this vulnerability. If exploited, this vulnerability may allow execution of arbitrary code. CVE-2012-1819 is the number assigned to this remotely exploitable vulnerability.

Click here to download the WellinTech patch.