WellinTech KingSCADA prior to 3.1.2, KingAlarm&Event prior to 3.1, and KingGraphic prior to 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote malicious users to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wellintech kingalarm\\&event |
||
wellintech kingscada |
||
wellintech kinggraphic |