github - ghsa-5q8q-px6g-7r9f

ghsa-5q8q-px6g-7r9f

Vulnerability from github

Published

2022-05-17 04:52

Modified

2025-08-23 00:31

Details

Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212, aka ZDI-CAN-1623.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-0751"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-01-25T22:55:00Z",
    "severity": "HIGH"
  },
  "details": "Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212, aka ZDI-CAN-1623.",
  "id": "GHSA-5q8q-px6g-7r9f",
  "modified": "2025-08-23T00:31:12Z",
  "published": "2022-05-17T04:52:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0751"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-023-01"
    },
    {
      "type": "WEB",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01"
    },
    {
      "type": "WEB",
      "url": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=KB15939"
    },
    {
      "type": "WEB",
      "url": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=KB15940"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/65117"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/65124"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2014-0751 (GCVE-0-2014-0751)

Vulnerability from cvelistv5

Published

2014-01-25 22:00

Modified

2025-08-22 22:51

Severity ?

CWE

CWE-22

Summary

The CIMPLICITY Web-based access component, CimWebServer, does not check the location of shell files being loaded into the system. By modifying the source location, an attacker could send shell code to the CimWebServer which would deploy the nefarious files as part of any SCADA project. This could allow the attacker to execute arbitrary code.

References

URL

Tags

	https://www.cisa.gov/news-events/ics-advisories/icsa-14-023-01
	http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/65124	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

Proficy HMI/SCADA - CIMPLICITY

Version: 4.01 < 8.2

Proficy Process Systems with CIMPLICITY

Version: all versions

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:27:19.517Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=KB15940"
          },
          {
            "name": "65117",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/65117"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Proficy HMI/SCADA - CIMPLICITY",
          "vendor": "GE",
          "versions": [
            {
              "lessThan": "8.2",
              "status": "affected",
              "version": "4.01",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Proficy Process Systems with CIMPLICITY",
          "vendor": "GE",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "amisto0x07 and Z0mb1E of Zero Day Initiative (ZDI)"
        }
      ],
      "datePublic": "2014-01-24T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\nThe CIMPLICITY Web-based access component, CimWebServer, does not check \nthe location of shell files being loaded into the system. By modifying \nthe source location, an attacker could send shell code to the \nCimWebServer which would deploy the nefarious files as part of any SCADA\n project. This could allow the attacker to execute arbitrary code.\n\n\u003c/p\u003e"
            }
          ],
          "value": "The CIMPLICITY Web-based access component, CimWebServer, does not check \nthe location of shell files being loaded into the system. By modifying \nthe source location, an attacker could send shell code to the \nCimWebServer which would deploy the nefarious files as part of any SCADA\n project. This could allow the attacker to execute arbitrary code."
        }
      ],
      "metrics": [
        {
          "cvssV2_0": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-22T22:51:23.718Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-023-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=KB15939"
        },
        {
          "name": "65124",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/65124"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eGE has produced an update that mitigates one vulnerability and made \nconfiguration changes to mitigate the other. Please reference the \nfollowing GE Product Security Advisories for specific information on the\n vulnerabilities.\u003c/p\u003e\n\u003cp\u003eGEIP13-05\u003c/p\u003e\n\u003cp\u003eTo address this vulnerability, all copies of the gefebt.exe files \nthat are accessible from a Web client must be deleted or moved, so they \nare inaccessible. If the production Web configuration currently relies \non gefebt.exe, changes to the server\u2019s Web pages may also be desirable.\u003c/p\u003e\u003cp\u003eThe GE Product Security Advisory, which provides additional guidance, is available here:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://support.ge-ip.com/support/index?page=kbchannel\u0026amp;id=KB15939\"\u003ehttp://support.ge-ip.com/support/index?page=kbchannel\u0026amp;id=KB15939\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eGEIP13-06\u003c/p\u003e\u003cp\u003eDownload Proficy HMI/SCADA - CIMPLICITY 8.2 SIM 24 at:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://support.ge-ip.com/support/index?page=dwchannel\u0026amp;id=DN4128\"\u003ehttp://support.ge-ip.com/support/index?page=dwchannel\u0026amp;id=DN4128\u003c/a\u003e\u003c/p\u003e\u003cp\u003eThe GE Product Security Advisory is available here:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://support.ge-ip.com/support/index?page=kbchannel\u0026amp;id=KB15940\"\u003ehttp://support.ge-ip.com/support/index?page=kbchannel\u0026amp;id=KB15940\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "GE has produced an update that mitigates one vulnerability and made \nconfiguration changes to mitigate the other. Please reference the \nfollowing GE Product Security Advisories for specific information on the\n vulnerabilities.\n\n\nGEIP13-05\n\n\nTo address this vulnerability, all copies of the gefebt.exe files \nthat are accessible from a Web client must be deleted or moved, so they \nare inaccessible. If the production Web configuration currently relies \non gefebt.exe, changes to the server\u2019s Web pages may also be desirable.\n\nThe GE Product Security Advisory, which provides additional guidance, is available here:\u00a0 http://support.ge-ip.com/support/index?page=kbchannel\u0026id=KB15939 \n\n\nGEIP13-06\n\nDownload Proficy HMI/SCADA - CIMPLICITY 8.2 SIM 24 at:\u00a0 http://support.ge-ip.com/support/index?page=dwchannel\u0026id=DN4128 \n\nThe GE Product Security Advisory is available here:\u00a0 http://support.ge-ip.com/support/index?page=kbchannel\u0026id=KB15940"
        }
      ],
      "source": {
        "advisory": "ICSA-14-023-01",
        "discovery": "EXTERNAL"
      },
      "title": "GE Proficy HMI/SCADA Path Traversal",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2014-0750",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01"
            },
            {
              "name": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=KB15939",
              "refsource": "CONFIRM",
              "url": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=KB15939"
            },
            {
              "name": "65124",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/65124"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2014-0751",
    "datePublished": "2014-01-25T22:00:00",
    "dateReserved": "2014-01-02T00:00:00",
    "dateUpdated": "2025-08-22T22:51:23.718Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.