This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Ge First view 2013-07-31
Product Intelligent Platforms Proficy Process Systems With Cimplicity Last view 2014-01-25
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:ge:intelligent_platforms_proficy_process_systems_with_cimplicity:-:*:*:*:*:*:*:* 3

Related : CVE

  Date Alert Description
7.5 2014-01-25 CVE-2014-0751

Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212, aka ZDI-CAN-1623.
7.5 2014-01-25 CVE-2014-0750

Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622.
9.3 2013-07-31 CVE-2013-2785

Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted data in packets to TCP port 10212, aka ZDI-CAN-1621 and ZDI-CAN-1624.

CWE : Common Weakness Enumeration

%idName
66% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
33% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Snort® IPS/IDS

Date Description
2014-04-05 GE Proficy CIMPLICITY CimWebServer remote code execution attempt
RuleID : 30011 - Type : SERVER-WEBAPP - Revision : 4