all InfoSec news
Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
Malware Analysis, News and Indicators - Latest topics malware.news
Carl Hurd of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered two vulnerabilities in WellinTech’s KingHistorian industrial control systems data manager.
KingHistorian is a time-series database that allows users to ingest and process large amounts of data from ICS, including built-in statistical analysis.
Talos discovered an information disclosure vulnerability (TALOS-2022-1683/CVE-2022-45124) in the software’s user authentication function. If an adversary could capture an authentication packet, it contains all the necessary information to steal the target user’s username and …
adversary analysis authentication buffer buffer overflow capture cisco cisco talos control control systems cve data database disclosure function ics industrial industrial control industrial control systems information information disclosure kinghistorian large manager overflow packet platform process series software spotlight systems talos vulnerabilities vulnerability vulnerability spotlight vulnerable wellintech