Vulnerability Description
Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge | Intelligent Platforms Proficy Hmi\%2Fscada Cimplicity | <= 8.2 |
| Ge | Intelligent Platforms Proficy Hmi\/Scada Cimplicity | 4.01 |
| Ge | Intelligent Platforms Proficy Process Systems With Cimplicity | - |
Related Weaknesses (CWE)
References
- http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939Vendor Advisory
- http://www.securityfocus.com/bid/65124
- https://www.cisa.gov/news-events/ics-advisories/icsa-14-023-01
- http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01US Government Resource
- http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939Vendor Advisory
- http://www.securityfocus.com/bid/65124
FAQ
What is CVE-2014-0750?
CVE-2014-0750 is a vulnerability with a CVSS score of 7.5 (HIGH). Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLIC...
How severe is CVE-2014-0750?
CVE-2014-0750 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0750?
Check the references section above for vendor advisories and patch information. Affected products include: Ge Intelligent Platforms Proficy Hmi\%2Fscada Cimplicity, Ge Intelligent Platforms Proficy Hmi\/Scada Cimplicity, Ge Intelligent Platforms Proficy Process Systems With Cimplicity.