5.3 2017-01-31T12:34:45 GE Proficy HMI SCADA CIMPLICITY Privilege Management Vulnerability - CVE-2016-5787 (GED 16-01) General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors. GE Proficy HMI SCADA CIMPLICITY CimView Memory Access Violation - CVE-2014-2355 (GEIP14-02) The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM) file. GE Proficy HMI SCADA CIMPLICITY WebView remote code execution - CVE-2014-0751 (GEIP13-06) Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212, aka ZDI-CAN-1623. GE Proficy HMI SCADA CIMPLICITY WebView remote code execution - CVE-2014-0750 (GEIP13-05) Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622. GE Proficy HMI SCADA CIMPLICITY WebView buffer overflows - CVE-2013-2785 (GEIP13-03) Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted data in packets to TCP port 10212, aka ZDI-CAN-1621 and ZDI-CAN-1624. GE Proficy HMI SCADA CIMPLICITY: Multiple vulnerabilities in built-in web server - CVE-2013-0654 (GEIP12-13) CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary commands or cause a denial of service (daemon crash) via a crafted packet. GE Proficy HMI SCADA CIMPLICITY WebView information disclosure - CVE-2013-0653 (GEIP12-19) Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet. GE Proficy HMI SCADA CIMPLICITY: Multiple vulnerabilities in built-in web server - CVE-2012-4689 (GEIP12-13) Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request. HKEY_LOCAL_MACHINE DisplayVersion HKEY_LOCAL_MACHINE ^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\{D33BB924-C487-4065-8B5A-DD9C900000\d{2}\}$ DisplayVersion HKEY_LOCAL_MACHINE ^SYSTEM\\CurrentControlSet\\services\\((CIMPLICITY)|(WEBVIEW)|(EGD Service)|(CimProxy))\\Security$ Security HKEY_LOCAL_MACHINE DisplayVersion oval:com.kaspersky.ics-cert:obj:1 oval:com.kaspersky.ics-cert:obj:6 HKEY_LOCAL_MACHINE ^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\{D33BB924-C487-4065-8B5A-DD9C900000\d{2}\}$ DisplayVersion oval:com.kaspersky.ics-cert:obj:2 oval:com.kaspersky.ics-cert:obj:8 HKEY_LOCAL_MACHINE InstallLocation HKEY_LOCAL_MACHINE InstallLocation oval:com.kaspersky.ics-cert:obj:39 oval:com.kaspersky.ics-cert:obj:40 oval:com.kaspersky.ics-cert:obj:48 oval:com.kaspersky.ics-cert:obj:49 ^StartWebServer\s*=\s*(\d)$ 1 HKEY_LOCAL_MACHINE SYSTEM\CurrentControlSet\services\WEBVIEW Start HKEY_LOCAL_MACHINE DisplayVersion HKEY_LOCAL_MACHINE DisplayVersion oval:com.kaspersky.ics-cert:obj:45 oval:com.kaspersky.ics-cert:obj:46 HKEY_LOCAL_MACHINE InstallLocation HKEY_LOCAL_MACHINE InstallLocation ^WebServerRoot\s*=\s*(.+)$ 1 gefebt.exe gefebt.exe substitute.bcl winfilenameRegEx\.Test.+f\$ 1 substitute.bcl winfilenameRegEx\.Test.+f\$ 1 substitute.bcl substitute.bcl 8.10.18236 8.10.18651 8.20.20570 8.10.18236 8.20.20313 reg_binary 01001480300000003C000000140000000000000002001C000100000002801400FF010F00010100000000000100000000010100000000000512000000010100000000000512000000 8.20.20551 4.01.743 8.20.20503 0 reg_dword 2 9.00.23731 8.00.16240 8.00.17126 8.10.18639 8.20.20474 8.00.16240 8.00.17119 8.10.18628 8.20.20453 8.00.17123 8.10.18631 8.20.20458 ^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{((4AF366C7-81ED-420E-9B1E-6CBF8F96E722)|(C596BAFB-9F7B-4042-B765-660902CD2F05))}$ \data\globals.ini ^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{((FE991EB0-7520-428A-930E-1C22C00E813A)|(6FA87207-DCF3-4DF5-8B5C-698736CC39CF))}$ \WebPages