CVE-2014-0750

Name of the Vulnerable Software and Affected Versions GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY versions prior to 8.2 SIM 24 Proficy Process Systems with CIMPLICITY (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary code via a crafted HTTP request. This is related to a directory traversal vulnerability in the gefebt.exe component of the WebView CimWeb components.

Recommendations For GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY versions prior to 8.2 SIM 24, update to version 8.2 SIM 24 or later to resolve the issue. For Proficy Process Systems with CIMPLICITY, at the moment, there is no information about a newer version that contains a fix for this vulnerability.