CVE-2012-4689

Name of the Vulnerable Software and Affected Versions GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY versions 4.01 through 8.0 Proficy Process Systems with CIMPLICITY versions 4.01 through 8.0

Description The issue is related to an integer overflow in CimWebServer.exe, which can be exploited by remote attackers through a malformed HTTP request, leading to a denial of service (daemon crash).

Recommendations For GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY versions 4.01 through 8.0, consider restricting access to the CimWebServer.exe until a fix is available. For Proficy Process Systems with CIMPLICITY versions 4.01 through 8.0, avoid using the vulnerable CimWebServer.exe functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.