Lucene search
IcscertCVE-2014-2355HistoryJan 17, 2015 - 2:59 a.m.
CVE-2014-2355
2015-01-1702:59:00
CWE-119
icscert
web.nvd.nist.gov
24
cve-2014-2355
ge proficy
hmi
scada
cimplicity
remote privilege escalation
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
7
Confidence
Low
EPSS
0.004
Percentile
72.8%
The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM) file.
Affected configurations
Node
geintelligent_platforms_proficy_hmi\/scada_cimplicityRange≤8.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ge | intelligent_platforms_proficy_hmi\/scada_cimplicity | * | cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-2355
2015-01-17 02:59:00
cvelist
cvelist
CVE-2014-2355
2015-01-17 02:00:00
prion
prion
Code injection
2015-01-17 02:59:00
ics
ics
GE Proficy HMI/SCADA CIMPLICITY CimView Memory Access Violation
2018-08-29 12:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
7
Confidence
Low
EPSS
0.004
Percentile
72.8%
Related for CVE-2014-2355