CVE-2012-0231

Name of the Vulnerable Software and Affected Versions GE Intelligent Platforms Proficy Plant Applications versions 5.0 and earlier

Description The issue allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TCP session on port 12401. This is due to a problem in PRLicenseMgr.exe in the Proficy Server License Manager.

Recommendations For versions 5.0 and earlier, consider restricting access to port 12401 to minimize the risk of exploitation. As a temporary workaround, limiting the exposure of the Proficy Server License Manager to untrusted networks may help reduce the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.