ActiveX Control Vulnerability in WellinTech KingSCADA Products
CVE-2013-2827

Currently unrated

Key Information:

Vendor: Wellintech
Status: Kinggraphic; Kingscada; Kingalarm\&event
Vendor: CVE Published:; 15 January 2014

What is CVE-2013-2827?

An unspecified vulnerability in an ActiveX control present in various WellinTech KingSCADA products allows remote attackers to exploit the ProjectURL property. This exploitation facilitates the downloading of arbitrary DLL files onto a client machine, enabling attackers to execute their malicious code without user consent. Proper security measures and updates should be implemented to mitigate the risk associated with this vulnerability.

References

http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01

x_refsource_MISC

EPSS Score

63% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 15, 2014
Vulnerability Reserved
Apr 11, 2013

Wellintech

What is CVE-2013-2827?

References

EPSS Score

Timeline