WellinTech Patches Vulnerability

Wednesday, October 10, 2012 @ 06:10 PM gHale


WellinTech created a patch that mitigates the vulnerability in the default credential hole in its KingView application.

The vulnerability, discovered by Dr. Wesley McGrew of Mississippi State University, has known exploits that target it, according to a report on ICS-CERT.

RELATED STORIES
Mitigation, Update for PLC Hole
Sielco Sistemi Overwrite Vulnerability
Hotfix for DeltaV Vulnerability
Optimalog Closes Optima PLC Hole

The vulnerability affects KingView 6.5.3 and previous verisons. A successful exploit of this vulnerability will allow an attacker complete access of the targeted system.

WellinTech is a software development company specializing in automation and control based in Beijing, China, with branches in the United States, Japan, Singapore, Europe, and Taiwan.

According to the WellinTech Web site, the KingView product is a Windows-based control, monitoring, and data collection application deployed across several industries, including power, water, building automation, mining, and other sectors.

KingView does not securely store user credentials. An attacker can decrypt the file containing usernames and passwords with a simple mathematical algorithm. CVE-2012-4899 is the number assigned to this vulnerability, which has a CVSS v2 base score of 6.8.

An attacker needs to be able to access the system where the files reside to exploit this vulnerability.

WellinTech created a patch that fixes this vulnerability by increasing the complexity of the algorithm used to encrypt the passwords and usernames. Click here to download a copy of the patch.



Leave a Reply

You must be logged in to post a comment.