Vulnerability Description
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge | Intelligent Platforms Proficy Hmi\/Scada Cimplicity | 4.01 |
| Ge | Intelligent Platforms Proficy Process Systems With Cimplicity | - |
| Ge | Intelligent Platforms Proficy Process Systems | - |
Related Weaknesses (CWE)
References
- http://www.us-cert.gov/control_systems/pdf/ICSA-13-022-02.pdfUS Government Resource
- http://www.us-cert.gov/control_systems/pdf/ICSA-13-022-02.pdfUS Government Resource
FAQ
What is CVE-2013-0653?
CVE-2013-0653 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLI...
How severe is CVE-2013-0653?
CVE-2013-0653 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-0653?
Check the references section above for vendor advisories and patch information. Affected products include: Ge Intelligent Platforms Proficy Hmi\/Scada Cimplicity, Ge Intelligent Platforms Proficy Process Systems With Cimplicity, Ge Intelligent Platforms Proficy Process Systems.