Vulnerability Description
Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted data in packets to TCP port 10212, aka ZDI-CAN-1621 and ZDI-CAN-1624.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge | Intelligent Platforms Proficy Hmi\/Scada Cimplicity | 8.0 |
| Ge | Intelligent Platforms Proficy Process Systems With Cimplicity | - |
Related Weaknesses (CWE)
References
- http://ics-cert.us-cert.gov/advisories/ICSA-13-170-01US Government Resource
- http://support.ge-ip.com/support/index?page=kbchannel&id=KB15602
- http://ics-cert.us-cert.gov/advisories/ICSA-13-170-01US Government Resource
- http://support.ge-ip.com/support/index?page=kbchannel&id=KB15602
FAQ
What is CVE-2013-2785?
CVE-2013-2785 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Profi...
How severe is CVE-2013-2785?
CVE-2013-2785 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-2785?
Check the references section above for vendor advisories and patch information. Affected products include: Ge Intelligent Platforms Proficy Hmi\/Scada Cimplicity, Ge Intelligent Platforms Proficy Process Systems With Cimplicity.