WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: icscert
Published:
Updated: 2024-08-06T15:52:20.967Z
Reserved: 2013-04-11T00:00:00
Link: CVE-2013-2826

No data.

Status : Modified
Published: 2014-01-15T16:08:18.140
Modified: 2024-11-21T01:52:26.997
Link: CVE-2013-2826

No data.