25 matches found
EUVD-2018-7240
Malware in sbrugna...
EUVD-2014-0782
Malware in sbrugna...
GE Proficy Cimplicity 7.5 Directory Traversal
GE Proficy Cimplicity version 7.5 proof of concept directory traversal vulnerability that takes advantage of a flaw discovered in 2013. ============================================================================================================================================= | Title : GE Profic...
GE Proficy Cimplicity WebView Substitute.bcl Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'GE Proficy Cimplicity WebView substitute.bcl Directory Traversal', 'Description' = %q This module abuses a directory traversal in G...
CVE-2022-21798 ICSA-22-053-02 GE Proficy CIMPLICITY-Cleartext
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system...
CVE-2022-23921 ICSA-22-053-01 GE Proficy CIMPLICITY-IPM
Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and t...
CVE-2022-23921 ICSA-22-053-01 GE Proficy CIMPLICITY-IPM
Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and t...
General Electric Proficy Cimplicity 安全漏洞
General Electric Proficy Cimplicity Ge Proficy Cimplicity is a client/server based Hmi/Scada solution from General Electric, USA. It is used to collect and share real-time and historical data at all business levels and provide actionable visibility to monitor and control plant processes, equipmen...
GE Proficy CIMPLICITY-IPM
1. EXECUTIVE SUMMARY CVSS v3 7.5 Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve both code execution and local privilege escalation. 3. TECHNICAL DETAILS 3.1...
CVE-2018-15362
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...
CVE-2018-15362
An XXE (XML External Entity) vulnerability (CWE-611) affects GE Proficy Cimplicity GDS in versions 9.0 R2, 9.5, 10.0. The root cause is improper restriction of XML external entities, enabling an attacker to initiate an OPC UA session and retrieve an arbitrary file. CVSSv3 base score 9.1 (CRITICAL...
CVE-2018-15362
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...
CVE-2018-15362
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...
GE Proficy HMISCADA CIMPLICITY 8.2 - Local Privilege Escalation
GE Proficy HMISCADA CIMPLICITY 8.2 - Local Privilege Escalation / Exploit Title: GE Proficy HMI/SCADA CIMPLICITY 8.2 Local Privilege Escalation Exploit0 day Vulnerability Discovery and Exploit Author: Zhou Yu Email: Version: 8.2 Tested on: Windows 7 SP1 X32 CVE : None Vulnerability Description:...
Multiple Local Buffer Overflow Vulnerabilities in GE Proficy HMI/SCADA-CIMPLICITY
GE Intelligent Platforms' Proficy HMI/SCADA-iFIX is the world's leading industrial automation software solution that provides process visualization, data acquisition and data monitoring of manufacturing operations. Multiple local buffer overflow vulnerabilities exist in GE Proficy...
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Auxiliary::Report include Msf::Exploit::E...
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
This Metasploit module abuses the gefebt.exe component in GE Proficy CIMPLICITY, reachable through the CIMPLICIY CimWebServer. The vulnerable component allows to execute remote BCL files in shared resources. An attacker can abuse this behaviour to execute a malicious BCL and drop an arbitrary EXE...
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'GE Proficy CIMPLICITY gefebt.exe Remote Code Execution', 'Description' = %q This module abuses the gefebt.exe component in GE Proficy...
GE Proficy CIMPLICITY - 'gefebt.exe' Remote Code Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'GE Proficy CIMPLICITY gefebt.exe Remote Code Execution', 'Description' = %q This module abuses the gefebt.exe component in GE Proficy...
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
This module abuses the gefebt.exe component in GE Proficy CIMPLICITY, reachable through the CIMPLICIY CimWebServer. The vulnerable component allows to execute remote BCL files in shared resources. An attacker can abuse this behavior to execute a malicious BCL and drop an arbitrary EXE. The last o...