Skip to content

High-Severity Vulnerabilities Found in WellinTech Industrial Data Historian “Revealed: Startling Facts About [Topic]!”

This week, Cisco’s Talos threat intelligence and research unit unveiled two high-severity vulnerabilities present in WellinTech’s KingHistorian industrial data historian software. This software is used to collect and process data from industrial control systems (ICSs). One of these vulnerabilities, tracked as CVE-2022-45124, can allow an attacker to obtain the username and password of a legitimate user who logged in to the system. The second flaw, CVE-2022-43663, can be exploited by sending a specially crafted network packet that triggers a buffer overflow. Talos had informed the vendor of the flaws in December 2022 and WellinTech released patches earlier this month.

Although the real world impact of the exploitation of these vulnerabilities has not been shared, compromising a historian server can be advantageous for attackers. This is because historian servers provide access to both IT and OT networks, granting unauthorized access to valuable information or enabling lateral movement to other systems. In January, Claroty had warned that similar vulnerabilities in the GE Digital Proficy Historian could be used for espionage or disruption in industrial environments.

In conclusion, two high-severity vulnerabilities have been discovered in WellinTech’s KingHistorian software. These vulnerabilities, if exploited, could give attackers access to IT and OT systems, allowing them to gain access to confidential information or cause physical damage. Cisco’s Talos security researchers notified the vendor of the flaws in December 2022 and WellinTech released patches earlier this month.

Key Points:
• Cisco’s Talos security researchers discovered two high-severity vulnerabilities in WellinTech’s KingHistorian software
• These flaws can be used to gain access to IT and OT systems, allowing attackers to gain access to confidential information or cause physical damage
• The vendor was notified in December 2022 and released patches earlier this month

Leave a Reply

Your email address will not be published. Required fields are marked *