CVE-2012-4689

Name: CVE-2012-4689
Creator: NVD / NIST
Published: 2013-01-17T16:55:01.78+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.15%

Last modified Jun 16, 2026

CVE-2012-4689 is a vulnerability of currently unknown severity. Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request.. EPSS estimates a 1.15% chance of exploitation in the next 30 days.

Description

Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request.

Metrics

EPSS Probability

1.15%

62.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-189

Affected Software

Vendor	Product	Versions
Ge	Intelligent Platforms Proficy Hmi\/Scada Cimplicity	4.01
Ge	Intelligent Platforms Proficy Hmi\/Scada Cimplicity	7.5
Ge	Intelligent Platforms Proficy Hmi\/Scada Cimplicity	8.0
Ge	Intelligent Platforms Proficy Process Systems With Cimplicity	All versions
Ge	Intelligent Platforms Proficy Process Systems	All versions

References

http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB15153
http://www.us-cert.gov/control_systems/pdf/ICSA-12-341-01.pdfUS Government Resource
http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB15153
http://www.us-cert.gov/control_systems/pdf/ICSA-12-341-01.pdfUS Government Resource

Timeline

Published: Jan 17, 2013
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2012-4689?

How severe is CVE-2012-4689?

Severity scoring for CVE-2012-4689 is pending analysis. The EPSS model estimates a 1.15% probability of exploitation in the next 30 days.

How do I fix CVE-2012-4689?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-4689?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST