CVE-2012-4689
published 2013-01-17CVE-2012-4689: Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY…
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
1.15%
63.0th percentile
Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ge | intelligent_platforms_proficy_hmi_scada_cimplicity | — | — |
| ge | intelligent_platforms_proficy_hmi_scada_cimplicity | — | — |
| ge | intelligent_platforms_proficy_hmi_scada_cimplicity | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
GE Proficy HMI/SCADA Cimplicity Integer Overflow
cisa_ics·2012-12-06
GE Proficy HMI/SCADA Cimplicity Integer Overflow
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
GE Proficy HMI/SCADA Cimplicity Integer Overflow
Last RevisedSeptember 06, 2018
Alert CodeICSA-12-341-01
## OVERVIEW
This updated advisory is a follow-up to the original ICS-CERT Advisory titled ICSA-12-341-01P—GE PROFICY HMI/SCADA CIMPLICITY INTEGER OVERFLOW that was published December 06, 2012, to the US-CERT secure Portal library.
Researcher Kuang-Chun Hung of Information and Communication Security Technology Center (ICST) has identified an improper input validation vulnerability in GE’s Intelligent Platforms Proficy HMI/SCADA—Cimplicity. This vulnerability could lead to a p
GHSA
GHSA-xv32-q7h7-g7hp: Integer overflow in CimWebServer
ghsa_unreviewed·2022-05-17
CVE-2012-4689 [MEDIUM] GHSA-xv32-q7h7-g7hp: Integer overflow in CimWebServer
Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2013-01-17
Published