HIGH🇬🇧 English

CVE-2013-2827

CVSS 7.5v2.0pub. 2014-01-15upd. 2026-04-29

An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Wellintech Kingalarm\&event

    APP
    Wellintech
    ≤ 2.0.2
  • Wellintech Kinggraphic

    APP
    Wellintech
    ≤ 3.1
  • Wellintech Kingscada

    APP
    Wellintech
    ≤ 3.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2018-20410HIGH7.5ten sam produkt

WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered w...

CVE-2014-0787HIGH10.0ten sam produkt

Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitra...

CVE-2013-2826MEDIUM6.4ten sam produkt

WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentica...

CVE-2022-43663HIGH8.1ten sam vendor

An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHist...

CVE-2022-45124HIGH7.5ten sam vendor

An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHist...