var-201401-0364
Vulnerability from variot
Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622. Zero Day Initiative Is vulnerable to this vulnerability ZDI-CAN-1622 Was numbered.Skillfully crafted by a third party HTTP Arbitrary code may be executed via a request. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gefebt.exe component. This component performs insufficient parameter validation on an HTTP request. Successful exploitation will allow an attacker to upload and execute an arbitrary file on the target server. GE Proficy CIMPLICITY is a monitoring software developed by GE and one of the industry's leading HMI/SCADA software. GE Proficy CIMPLICITY CimWebServer The gefebt.exe component fails to properly check the location of shell files loaded into the system. By modifying the source location, an attacker can send shell code to CimWebServer and deploy it in a server-side script to execute arbitrary code. The following products are affected: Proficy HMI/SCADA - CIMPLICITY 4.01 through versions 8.2 Proficy Process Systems with CIMPLICITY
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "intelligent platforms proficy hmi\\/scada cimplicity",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "7.5"
},
{
"_id": null,
"model": "intelligent platforms proficy hmi\\/scada cimplicity",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "8.0"
},
{
"_id": null,
"model": "intelligent platforms proficy process systems with cimplicity",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": null
},
{
"_id": null,
"model": "intelligent platforms proficy hmi\\/scada cimplicity",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "4.01"
},
{
"_id": null,
"model": "intelligent platforms proficy hmi\\/scada cimplicity",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "8.2"
},
{
"_id": null,
"model": "intelligent platforms proficy hmi\\/scada cimplicity",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "8.1"
},
{
"_id": null,
"model": "intelligent platforms proficy hmi\\%2fscada cimplicity",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "8.2"
},
{
"_id": null,
"model": "proficy hmi/scada - cimplicity",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "4.01 to 8.2"
},
{
"_id": null,
"model": "proficy process systems with cimplicity",
"scope": null,
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"_id": null,
"model": "proficy cimplicity",
"scope": null,
"trust": 0.7,
"vendor": "ge",
"version": null
},
{
"_id": null,
"model": "electric proficy process systems with cimplicity",
"scope": null,
"trust": 0.6,
"vendor": "general",
"version": null
},
{
"_id": null,
"model": "electric proficy hmi/scada \\342\\200\\223 cimplicity",
"scope": "eq",
"trust": 0.6,
"vendor": "general",
"version": "4.01-8.2"
},
{
"_id": null,
"model": "intelligent platforms proficy hmi\\%2fscada cimplicity",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "8.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy hmi 2fscada cimplicity",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy hmi scada cimplicity",
"version": "4.01"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy hmi scada cimplicity",
"version": "7.5"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy hmi scada cimplicity",
"version": "8.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy hmi scada cimplicity",
"version": "8.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy hmi scada cimplicity",
"version": "8.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy process with cimplicity",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-015"
},
{
"db": "CNVD",
"id": "CNVD-2014-00669"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001257"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-523"
},
{
"db": "NVD",
"id": "CVE-2014-0750"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ge:intelligent_platforms_proficy_hmi%2Fscada_cimplicity",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ge:intelligent_platforms_proficy_process_systems_with_cimplicity",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001257"
}
]
},
"credits": {
"_id": null,
"data": "ZombiE and amisto0x07",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-015"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0750",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0750",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 2.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-00669",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0750",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0750",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2014-0750",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-00669",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201401-523",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-015"
},
{
"db": "CNVD",
"id": "CNVD-2014-00669"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001257"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-523"
},
{
"db": "NVD",
"id": "CVE-2014-0750"
}
]
},
"description": {
"_id": null,
"data": "Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622. Zero Day Initiative Is vulnerable to this vulnerability ZDI-CAN-1622 Was numbered.Skillfully crafted by a third party HTTP Arbitrary code may be executed via a request. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gefebt.exe component. This component performs insufficient parameter validation on an HTTP request. Successful exploitation will allow an attacker to upload and execute an arbitrary file on the target server. GE Proficy CIMPLICITY is a monitoring software developed by GE and one of the industry\u0027s leading HMI/SCADA software. GE Proficy CIMPLICITY CimWebServer The gefebt.exe component fails to properly check the location of shell files loaded into the system. By modifying the source location, an attacker can send shell code to CimWebServer and deploy it in a server-side script to execute arbitrary code. \nThe following products are affected:\nProficy HMI/SCADA - CIMPLICITY 4.01 through versions 8.2\nProficy Process Systems with CIMPLICITY",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0750"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001257"
},
{
"db": "ZDI",
"id": "ZDI-14-015"
},
{
"db": "CNVD",
"id": "CNVD-2014-00669"
},
{
"db": "BID",
"id": "65124"
},
{
"db": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d"
}
],
"trust": 3.24
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-0750",
"trust": 4.2
},
{
"db": "ICS CERT",
"id": "ICSA-14-023-01",
"trust": 3.0
},
{
"db": "BID",
"id": "65124",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2014-00669",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201401-523",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001257",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1622",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-14-015",
"trust": 0.7
},
{
"db": "IVD",
"id": "4371F0A2-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-015"
},
{
"db": "CNVD",
"id": "CNVD-2014-00669"
},
{
"db": "BID",
"id": "65124"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001257"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-523"
},
{
"db": "NVD",
"id": "CVE-2014-0750"
}
]
},
"id": "VAR-201401-0364",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-00669"
}
],
"trust": 1.5099878000000002
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-00669"
}
]
},
"last_update_date": "2024-11-23T22:46:08.345000Z",
"patch": {
"_id": null,
"data": [
{
"title": "KB15939",
"trust": 0.8,
"url": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=KB15939"
},
{
"title": "GE has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01"
},
{
"title": "Patches for multiple Generel Electric products \u0027gefebt.exe\u0027 shell upload vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/43195"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-015"
},
{
"db": "CNVD",
"id": "CNVD-2014-00669"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001257"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001257"
},
{
"db": "NVD",
"id": "CVE-2014-0750"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.7,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-023-01"
},
{
"trust": 1.6,
"url": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=kb15939"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/65124"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0750"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0750"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-015"
},
{
"db": "CNVD",
"id": "CNVD-2014-00669"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001257"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-523"
},
{
"db": "NVD",
"id": "CVE-2014-0750"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-14-015",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2014-00669",
"ident": null
},
{
"db": "BID",
"id": "65124",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001257",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201401-523",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-0750",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-01-28T00:00:00",
"db": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2014-02-13T00:00:00",
"db": "ZDI",
"id": "ZDI-14-015",
"ident": null
},
{
"date": "2014-01-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00669",
"ident": null
},
{
"date": "2014-01-23T00:00:00",
"db": "BID",
"id": "65124",
"ident": null
},
{
"date": "2014-01-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001257",
"ident": null
},
{
"date": "2014-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-523",
"ident": null
},
{
"date": "2014-01-25T22:55:04.550000",
"db": "NVD",
"id": "CVE-2014-0750",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2014-02-13T00:00:00",
"db": "ZDI",
"id": "ZDI-14-015",
"ident": null
},
{
"date": "2014-01-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00669",
"ident": null
},
{
"date": "2015-07-15T00:14:00",
"db": "BID",
"id": "65124",
"ident": null
},
{
"date": "2014-01-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001257",
"ident": null
},
{
"date": "2014-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-523",
"ident": null
},
{
"date": "2024-11-21T02:02:44.483000",
"db": "NVD",
"id": "CVE-2014-0750",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201401-523"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and Proficy Process Systems with CIMPLICITY Vulnerable to directory traversal",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001257"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "4371f0a2-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-523"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.