Cisco’s Talos threat intelligence and research unit this week disclosed the details of two high-severity vulnerabilities discovered last year in WellinTech’s KingHistorian industrial data historian software.
China-based industrial automation software company WellinTech designed KingHistorian for collecting and processing a ‘massive amount’ of industrial control system (ICS) data.
Talos researchers discovered that the historian is impacted by two flaws. One of them, tracked as CVE-2022-45124, can allow an attacker who can intercept an authentication packet to obtain the username and password of the legitimate user who logged in to the system.
[ Read: Counting ICS Vulnerabilities: Examining Variations in Numbers Reported by Security Firms ]
The second issue, CVE-2022-43663, can be exploited by sending a specially crafted network packet that triggers a buffer overflow. It’s unclear if the flaw can be exploited for arbitrary code execution or only to crash the process.
The vendor was informed about the security holes in December 2022 and released patches earlier this month.
Learn More at SecurityWeek’s ICS Cyber Security Conference
The leading global conference series for Operations, Control Systems and OT/IT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.
October 23-26, 2023 | Atlanta
www.icscybersecurityconference.com
Cisco has not shared any information on the real world impact resulting from the potential exploitation of these vulnerabilities, but based on previous reports from cybersecurity companies, compromising a historian could be very useful to threat actors.
In January, industrial security firm Claroty disclosed several vulnerabilities found by its researchers in the GE Digital Proficy Historian product. The company warned at the time that the flaws could be exploited for espionage or to cause damage and disruption in industrial environments.
Historian servers can provide access to both IT and OT systems, allowing hackers to leverage compromised devices to gain access to valuable information or move to other systems on the network.
Related: Vulnerability in ABB Plant Historian Disclosed 5 Years After Discovery
Related: Siemens Drives Rise in ICS Vulnerabilities Discovered in 2022
Related: ICS Vulnerabilities Chained for Deep Lateral Movement and Physical Damage

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Zyxel Firewalls Hacked by Mirai Botnet
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
- Drop in Insider Breaches Drives Decline in Intrusions at OT Organizations
- Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances
- OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers
- New Honeywell OT Cybersecurity Solution Helps Identify Vulnerabilities, Threats
- Rheinmetall Says Military Business Not Impacted by Ransomware Attack
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
