Password Storage Vulnerability in WellinTech KingSCADA 3.0
CVE-2012-1977

Currently unrated

Key Information:

Vendor: Wellintech
Status: Kingscada
Vendor: CVE Published:; 9 May 2012

What is CVE-2012-1977?

In WellinTech KingSCADA 3.0, passwords are stored in a cleartext base64 format within the user.db file. This insecure method of storing sensitive information potentially allows context-dependent attackers to access and retrieve these passwords by simply reading the file. As a result, user credentials could be compromised, emphasizing the need for secure password storage practices to protect sensitive data.

Affected Version(s)

KingSCADA 3.0

References

https://www.cisa.gov/news-events/ics-advisories/icsa-12-1...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 9, 2012

Wellintech

What is CVE-2012-1977?

Affected Version(s)

References

Timeline