Stack-Based Buffer Overflow in WellinTech KingSCADA before 3.7.0.0.1 via Specially Crafted Packet to AlarmServer Service

Stack-Based Buffer Overflow in WellinTech KingSCADA before 3.7.0.0.1 via Specially Crafted Packet to AlarmServer Service

CVE-2018-20410 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401.

Learn more about our Cis Benchmark Audit For Server Software.