{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Proficy HMI/SCADA - CIMPLICITY", "vendor": "GE", "versions": [{"lessThan": "8.2", "status": "affected", "version": "4.01", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Proficy Process Systems with CIMPLICITY", "vendor": "GE", "versions": [{"status": "affected", "version": "all versions"}]}], "credits": [{"lang": "en", "type": "finder", "value": "amisto0x07 and Z0mb1E of Zero Day Initiative (ZDI)"}], "datePublic": "2014-01-24T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>\nThe CIMPLICITY Web-based access component, CimWebServer, does not check \nthe location of shell files being loaded into the system. By modifying \nthe source location, an attacker could send shell code to the \nCimWebServer which would deploy the nefarious files as part of any SCADA\n project. This could allow the attacker to execute arbitrary code.\n\n</p>"}], "value": "The CIMPLICITY Web-based access component, CimWebServer, does not check \nthe location of shell files being loaded into the system. By modifying \nthe source location, an attacker could send shell code to the \nCimWebServer which would deploy the nefarious files as part of any SCADA\n project. This could allow the attacker to execute arbitrary code."}], "metrics": [{"cvssV2_0": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-08-22T22:51:23.718Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-023-01"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939"}, {"name": "65124", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65124"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>GE has produced an update that mitigates one vulnerability and made \nconfiguration changes to mitigate the other. Please reference the \nfollowing GE Product Security Advisories for specific information on the\n vulnerabilities.</p>\n<p>GEIP13-05</p>\n<p>To address this vulnerability, all copies of the gefebt.exe files \nthat are accessible from a Web client must be deleted or moved, so they \nare inaccessible. If the production Web configuration currently relies \non gefebt.exe, changes to the server\u2019s Web pages may also be desirable.</p><p>The GE Product Security Advisory, which provides additional guidance, is available here:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"http://support.ge-ip.com/support/index?page=kbchannel&amp;id=KB15939\">http://support.ge-ip.com/support/index?page=kbchannel&amp;id=KB15939</a></p>\n<p>GEIP13-06</p><p>Download Proficy HMI/SCADA - CIMPLICITY 8.2 SIM 24 at:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"http://support.ge-ip.com/support/index?page=dwchannel&amp;id=DN4128\">http://support.ge-ip.com/support/index?page=dwchannel&amp;id=DN4128</a></p><p>The GE Product Security Advisory is available here:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"http://support.ge-ip.com/support/index?page=kbchannel&amp;id=KB15940\">http://support.ge-ip.com/support/index?page=kbchannel&amp;id=KB15940</a></p>\n\n<br>"}], "value": "GE has produced an update that mitigates one vulnerability and made \nconfiguration changes to mitigate the other. Please reference the \nfollowing GE Product Security Advisories for specific information on the\n vulnerabilities.\n\n\nGEIP13-05\n\n\nTo address this vulnerability, all copies of the gefebt.exe files \nthat are accessible from a Web client must be deleted or moved, so they \nare inaccessible. If the production Web configuration currently relies \non gefebt.exe, changes to the server\u2019s Web pages may also be desirable.\n\nThe GE Product Security Advisory, which provides additional guidance, is available here:\u00a0 http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939 \n\n\nGEIP13-06\n\nDownload Proficy HMI/SCADA - CIMPLICITY 8.2 SIM 24 at:\u00a0 http://support.ge-ip.com/support/index?page=dwchannel&id=DN4128 \n\nThe GE Product Security Advisory is available here:\u00a0 http://support.ge-ip.com/support/index?page=kbchannel&id=KB15940"}], "source": {"advisory": "ICSA-14-023-01", "discovery": "EXTERNAL"}, "title": "GE Proficy HMI/SCADA Path Traversal", "x_generator": {"engine": "Vulnogram 0.2.0"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2014-0750", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01", "refsource": "MISC", "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01"}, {"name": "http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939", "refsource": "CONFIRM", "url": "http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939"}, {"name": "65124", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65124"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:27:19.517Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.ge-ip.com/support/index?page=kbchannel&id=KB15940"}, {"name": "65117", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/65117"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2014-0751", "datePublished": "2014-01-25T22:00:00", "dateReserved": "2014-01-02T00:00:00", "dateUpdated": "2025-08-22T22:51:23.718Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\%2fscada_cimplicity:*:sim24:*:*:*:*:*:*", "matchCriteriaId": "4C5EDB9D-01CD-4843-86CD-C834B726ACF1", "versionEndIncluding": "8.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:4.01:*:*:*:*:*:*:*", "matchCriteriaId": "6C0B8CA7-2161-4603-B844-DE6C079DF36F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "E3BACB11-5CD3-4CA6-9C56-D71628CADF0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "90538C50-38BD-4EE5-BD30-96E2E2951FE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB261867-B9B1-4D3D-B2DE-3CC3164EFD06", "vulnerable": true}, {"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "559DCD7A-0745-4D4C-A77A-83240EF6C510", "vulnerable": true}, {"criteria": "cpe:2.3:a:ge:intelligent_platforms_proficy_process_systems_with_cimplicity:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD9711EA-2C95-41FA-8827-01FCB0ED4B06", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The CIMPLICITY Web-based access component, CimWebServer, does not check \nthe location of shell files being loaded into the system. By modifying \nthe source location, an attacker could send shell code to the \nCimWebServer which would deploy the nefarious files as part of any SCADA\n project. This could allow the attacker to execute arbitrary code."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en CimWebServer.exe (tambi\u00e9n conocido como el componente WebView) en GE Intelligent Platforms Proficy HMI / SCADA - CIMPLICITY anterior a 8.2 SIM 24 y Proficy Process con CIMPLICITY, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un mensaje manipulado a puerto TCP 10212 , tambi\u00e9n conocido como ZDI-CAN-1623."}], "id": "CVE-2014-0751", "lastModified": "2025-08-22T23:15:30.233", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "ics-cert@hq.dhs.gov", "type": "Secondary", "userInteractionRequired": false}, {"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-25T22:55:04.583", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939"}, {"source": "ics-cert@hq.dhs.gov", "url": "http://www.securityfocus.com/bid/65124"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-023-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://support.ge-ip.com/support/index?page=kbchannel&id=KB15940"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/65117"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}