GE Proficy CIMPLICITY gefebt.exe Remote Code Execution

This Metasploit module abuses the gefebt.exe component in GE Proficy CIMPLICITY, reachable through the CIMPLICIY CimWebServer. The vulnerable component allows to execute remote BCL files in shared resources. An attacker can abuse this behaviour to execute a malicious BCL and drop an arbitrary EXE...

CVE-2014-0750

GE Proficy CIMPLICITY CIMPLICITY CIMPLICITY: A path traversal vulnerability (CVE-2014-0750) in gefebt.exe within the WebView CimWebServer/Proficy CIMPLICITY components allows remote code execution via crafted HTTP requests. Affected products include Proficy HMI/SCADA - CIMPLICITY (versions up to ...