CVE-2014-0750
Last modified
CVE-2014-0750 is a vulnerability of currently unknown severity. Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622.. EPSS estimates a 70.22% chance of exploitation in the next 30 days.
Description
Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Ge | Intelligent Platforms Proficy Hmi\%2fscada Cimplicity | <= 8.2 | Sim24 |
| Ge | Intelligent Platforms Proficy Hmi\/Scada Cimplicity | 4.01 | — |
| Ge | Intelligent Platforms Proficy Hmi\/Scada Cimplicity | 7.5 | — |
| Ge | Intelligent Platforms Proficy Hmi\/Scada Cimplicity | 8.0 | — |
| Ge | Intelligent Platforms Proficy Hmi\/Scada Cimplicity | 8.1 | — |
| Ge | Intelligent Platforms Proficy Hmi\/Scada Cimplicity | 8.2 | — |
| Ge | Intelligent Platforms Proficy Process Systems With Cimplicity | All versions | — |
References
- http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-0750?
How severe is CVE-2014-0750?
How do I fix CVE-2014-0750?
Are you affected by CVE-2014-0750?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST