HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2013-2827

CVSS 7.5v2.0pub. 2014-01-15upd. 2026-04-29

An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value.

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Wellintech Kingalarm\&event

    APP
    Wellintech
    ≀ 2.0.2
  • Wellintech Kinggraphic

    APP
    Wellintech
    ≀ 3.1
  • Wellintech Kingscada

    APP
    Wellintech
    ≀ 3.1
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-20410HIGH7.5ten sam produkt

WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered w...

CVE-2014-0787HIGH10.0ten sam produkt

Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitra...

CVE-2013-2826MEDIUM6.4ten sam produkt

WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentica...

CVE-2022-43663HIGH8.1ten sam vendor

An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHist...

CVE-2022-45124HIGH7.5ten sam vendor

An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHist...

CVE-2013-2827 β€” Wellintech β€” Kingalarm\&Event β€” HIGH β€” CVSS 7.5 | CVEbaza.pl