ICSA-13-295-01
·
Published 2025-06-06
·
View on CISA ICS-CERT ↗
WellinTech KingView ActiveX Vulnerabilities
CVSS 5.8
MEDIUM
CVEs (2)
Remediations
- WellinTech has provided the following links to download new versions of the affected files: SuperGrid.ocx Version number: 65.30.30000.10002 (http://www.kingview.com/en/downloads/Downloads/SuperGrid.rar)
- KChartXY.ocx Version number: 65.30.30000.10002 (http://www.kingview.com/en/downloads/Downloads/KChartXY.rar)
- It is also possible to correct the flaw by implementing the following workarounds: Set the kill-bit on the KChartXY ActiveX Control (CLSID A9A2011A-1E02-4242-AAE0-B239A6F88BAC). Set the kill-bit on the SuperGrid ActiveX Control (CLSID F494550F-A028-4817-A7B5-E5F2DCB4A47E).
- For specific information on mitigating ActiveX vulnerabilities, see Microsoft KB article 240797.Microsoft Support article: How to stop an ActiveX control from running in Internet Explorer, (http://support.microsoft.com/kb/240797), Web site last accessed October 22, 2013.
Affected Vendors
WellinTech
Affected Products (1)
WellinTech
·
KingView
<6.53
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more