The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY lies in its ability to write malicious code into memory beyond the buffer limits. This allows attackers to execute arbitrary code by loading a malicious file.

The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY lies in the ability to write data beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a malicious...

GE Proficy HMI/SCADA CIMPLICITY 8.2 - Privilege Escalation

Exploit for windows platform in category local exploits / Exploit Title: GE Proficy HMI/SCADA CIMPLICITY 8.2 Local Privilege Escalation Exploit0 day Vulnerability Discovery and Exploit Author: Zhou Yu Email: Version: 8.2 Tested on: Windows 7 SP1 X32 CVE : None Vulnerability Description:...

Code injection

The 1 CimView and 2 CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen aka .CIM file...

CVE-2014-2355

The 1 CimView and 2 CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen aka .CIM file...

CVE-2013-2785

Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted...

Buffer overflow

Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted...

Directory traversal

Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet...