Eyal Udassin

**Name of the Vulnerable Software and Affected Versions** AREVA e-terrahabitat versions 5.7 and earlier **Description** The issue allows remote authenticated users to gain privileges via unknown vectors. **Recommendations** For versions 5.7 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** AREVA e-terrahabitat versions 5.7 and earlier **Description** The issue is related to a buffer overflow in the MLF application, which can be exploited by remote attackers to execute arbitrary commands or cause a denial of service, resulting in a system crash. The exact vectors used for the exploitation are not specified. **Recommendations** For versions 5.7 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** AREVA e-terrahabitat versions 5.7 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in a system crash, via unknown vectors. **Recommendations** For versions 5.7 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** AREVA e-terrahabitat versions 5.7 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in a system crash, via unknown vectors. **Recommendations** For versions 5.7 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** AREVA e-terrahabitat versions 5.7 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in a system crash, via unknown vectors. **Recommendations** For versions 5.7 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: ABB Process Communication Unit 400 (PCU400) versions 4.4 through 4.6 Description: The issue allows remote attackers to execute arbitrary code via a crafted packet using the (1) IEC60870-5-101 or (2) IEC60870-5-104 communication protocol to the X87 web interface. This is due to a buffer overflow in x87 before version 3.5.5. Recommendations: For versions 4.4 through 4.6, update to version 3.5.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the X87 web interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GE Fanuc Proficy Real-Time Information Portal versions 2.6 and earlier **Description** The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the main virtual directory. This is due to an unrestricted file upload vulnerability. **Recommendations** For GE Fanuc Proficy Real-Time Information Portal versions 2.6 and earlier, update to a version later than 2.6 to resolve the issue. As a temporary workaround, consider restricting file uploads to only authorized users and validating the file types to prevent executable files from being uploaded.

**Name of the Vulnerable Software and Affected Versions** GE Fanuc CIMPLICITY HMI SCADA system versions prior to 7.0 SIM 9 GE Fanuc CIMPLICITY HMI SCADA system versions prior to 6.1 SP6 Hot fix - 010708 162517 6106 **Description** The issue is related to a heap-based buffer overflow in the w32rtr.exe component. This allows remote attackers to execute arbitrary code via unknown vectors. **Recommendations** For GE Fanuc CIMPLICITY HMI SCADA system versions prior to 7.0 SIM 9, update to version 7.0 SIM 9 or later. For GE Fanuc CIMPLICITY HMI SCADA system versions prior to 6.1 SP6 Hot fix - 010708 162517 6106, apply Hot fix - 010708 162517 6106 or later.

**Name of the Vulnerable Software and Affected Versions** GE Fanuc Proficy Real-Time Information Portal versions 2.6 and earlier **Description** The issue allows remote attackers to steal passwords and gain privileges due to the use of HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext. **Recommendations** For GE Fanuc Proficy Real-Time Information Portal versions 2.6 and earlier, consider disabling the use of HTTP Basic Authentication until a more secure authentication method is implemented. Restrict access to sensitive areas of the portal to minimize the risk of exploitation.