Lucene search
K

45 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:28 a.m.6 views

CVE-2013-0653

Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet...

4.3CVSS6.9AI score0.19111EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:15 a.m.9 views

CVE-2013-2785

Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted...

9.3CVSS8.1AI score0.03769EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/08/17 12:0 a.m.7 views

The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY lies in its ability to write malicious code into memory beyond the buffer limits. This allows attackers to execute arbitrary code by loading a malicious file.

The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY lies in the ability to write data beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a malicious...

10CVSS8.4AI score0.00382EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/03/21 12:0 a.m.8 views

The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY, related to the transmission of data in an open format, allows attackers to perform spoofing attacks.

The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY lies in the transmission of data in an open manner. Exploiting this vulnerability can allow attackers to carry out spoofing attacks...

7.5CVSS7.8AI score0.00603EPSS
Exploits0References3
0day.today
0day.today
added 2019/11/18 12:0 a.m.78 views

Open Proficy HMI-SCADA 5.0.0.25920 - (Password) Denial of Service Exploit

Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: App Store for iOS devices GE Intelligent Platforms, Inc. Tested Version: 5.0.0.25920 Vulnerabilit...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/11/18 12:0 a.m.40 views

Open Proficy HMI-SCADA 5.0.0.25920 - Password Denial of Service (PoC)

Open Proficy HMI-SCADA 5.0.0.25920 - Password Denial of Service PoC Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-11-16 Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: Ap...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.152 views

Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC)

Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-11-16 Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: App Store for iOS devices GE Intelligent Platforms, Inc. Tested Versio...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/18 12:0 a.m.134 views

Open Proficy HMI-SCADA 5.0.0.25920 Denial Of Service

Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-11-16 Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: App Store for iOS devices GE Intelligent Platforms, Inc. Tested Versio...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/10/05 12:0 a.m.4 views

The vulnerability of the GE Proficy HMI/SCADA iFIX monitoring tool for technological operations, the client-server application for data processing and control of technological operations (Proficy HMI/SCADA CIMPLICITY), and the Proficy Historian repository lies in the insufficient security of account protection, allowing attackers to obtain user passwords.

The vulnerability of the GE Proficy HMI/SCADA iFIX control system, the client-server application for data processing and control operations, as well as the Proficy HMI/SCADA CIMPLICITY control system and the Proficy Historian repository, is related to insufficiently secure account protection...

6.4CVSS6.6AI score0.00369EPSS
Exploits0References5Affected Software2
ICS
ICS
added 2017/01/17 12:0 a.m.84 views

GE Proficy HMI/SCADA iFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian Vulnerability (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-336-05 GE Proficy HMI/SCADA IFIX, Proficy HMI/SCADA CIMPLICITY, and Proficy Historian Vulnerability that was published January 17, 2017, on the NCCIC/ICS-CERT web site. GE has reported an insufficiently protecte...

6.7CVSS1.1AI score0.00369EPSS
Exploits0References27
Prion
Prion
added 2016/07/15 4:59 p.m.16 views

Design/Logic Flaw

General Electric GE Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors...

4.6CVSS6.7AI score0.00394EPSS
Exploits0References3Affected Software1
0day.today
0day.today
added 2016/07/07 12:0 a.m.48 views

GE Proficy HMI/SCADA CIMPLICITY 8.2 - Privilege Escalation

Exploit for windows platform in category local exploits / Exploit Title: GE Proficy HMI/SCADA CIMPLICITY 8.2 Local Privilege Escalation Exploit0 day Vulnerability Discovery and Exploit Author: Zhou Yu Email: Version: 8.2 Tested on: Windows 7 SP1 X32 CVE : None Vulnerability Description:...

6.8AI score
Exploits0
ICS
ICS
added 2016/04/15 6:0 a.m.87 views

GE Proficy HMI SCADA CIMPLICITY Privilege Management Vulnerability

OVERVIEW Zhou Yu of Acorn Network Security identified an improper privilege management vulnerability and recently released exploit code for the GE Proficy HMI/SCADA CIMPLICITY application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. GE produc...

6.3CVSS6.5AI score0.00394EPSS
Exploits0References10
NVD
NVD
added 2015/01/17 2:59 a.m.16 views

CVE-2014-2355

The 1 CimView and 2 CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen aka .CIM file...

6.9CVSS6.8AI score0.00645EPSS
Exploits0References2
ICS
ICS
added 2014/07/19 6:0 a.m.52 views

GE Proficy HMI/SCADA CIMPLICITY CimView Memory Access Violation

OVERVIEW This advisory was originally posted to the NCCIC/US-CERT secure Portal library on October 16, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Said Arfi has identified a memory access violation vulnerability in GE’s CIMPLICITY CimView application. GE has...

6.9CVSS7.3AI score0.00645EPSS
Exploits0References10
ICS
ICS
added 2014/07/17 6:0 a.m.42 views

GE Proficy HMI/SCADA DNP3 Driver Input Validation

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on October 14, 2014, and is being released to the NCCIC/ICS-CERT web site. Independent researcher Adam Crain of Automatak has identified an improper input validation in the DNP3 driver provided by Catapult Software...

7.1CVSS6.6AI score0.01846EPSS
Exploits0References10
seebug.org
seebug.org
added 2014/02/10 12:0 a.m.71 views

GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY CimWebServer.exe目录遍历漏洞

CVECAN ID: CVE-2014-0751 GE Proficy CIMPLICITY是客户端/服务器业务可视化和控制解决方案。 GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 8.2 SIM 24之前版本中,CimWebServer.exe(即组件WebView)及Proficy Process Systems在实现上存在目录遍历漏洞,远程攻击者通过向TCP端口10212发送特制的消息,利用此漏洞可执行任意代码。 0 ge-ip Proficy CIMPLICITY 8.2 SIM 24 厂商补丁: ge-ip...

7.5CVSS6.4AI score0.03063EPSS
Exploits2
NVD
NVD
added 2014/01/25 10:55 p.m.26 views

CVE-2014-0751

The CIMPLICITY Web-based access component, CimWebServer, does not check the location of shell files being loaded into the system. By modifying the source location, an attacker could send shell code to the CimWebServer which would deploy the nefarious files as part of any SCADA project. This could...

7.5CVSS7.5AI score0.03063EPSS
Exploits2References6
Prion
Prion
added 2014/01/25 10:55 p.m.21 views

Directory traversal

Directory traversal vulnerability in CimWebServer.exe aka the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212, aka...

7.5CVSS8.1AI score0.03063EPSS
Exploits2References3Affected Software2
Prion
Prion
added 2014/01/25 10:55 p.m.17 views

Directory traversal

Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-16...

7.5CVSS8.1AI score0.70223EPSS
Exploits5References3Affected Software2
Rows per page
Query Builder