Published: 25/01/2014 Updated: 21/02/2014

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY up to and including 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote malicious users to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ge intelligent platforms proficy hmi\\/scada cimplicity 8.0
ge intelligent platforms proficy hmi\\/scada cimplicity 7.5
ge intelligent platforms proficy hmi\\%2fscada cimplicity
ge intelligent platforms proficy hmi\\/scada cimplicity 8.2
ge intelligent platforms proficy hmi\\/scada cimplicity 8.1
ge intelligent platforms proficy hmi\\/scada cimplicity 4.01
ge intelligent platforms proficy process systems with cimplicity -

## # This module requires Metasploit: http//metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Auxiliary::Report include Msf::Exploit::EXE include Msf::Exploit::Remote::HttpClient include Msf::Exp ...

CWE-22 http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01 http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939 http://www.securityfocus.com/bid/65124 https://nvd.nist.gov https://www.exploit-db.com/exploits/31987/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-0750

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect