CVE-2013-0653
published 2013-01-27CVE-2013-0653: Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through…
PriorityP344medium4.3CVSS 2.0
AVNACMAuNCPINAN
EXPLOIT
EPSS
17.39%
96.7th percentile
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ge | intelligent_platforms_proficy_hmi_scada_cimplicity | — | — |
| ge | intelligent_platforms_proficy_hmi_scada_cimplicity | — | — |
| ge | intelligent_platforms_proficy_hmi_scada_cimplicity | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3crv-g23g-rwc9: Directory traversal vulnerability in substitute
ghsa_unreviewed·2022-05-17
CVE-2013-0653 [MEDIUM] CWE-22 GHSA-3crv-g23g-rwc9: Directory traversal vulnerability in substitute
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet.
CISA ICS
GE Intelligent Platforms Proficy Cimplicity Multiple Vulnerabilities
cisa_ics·2013-09-12
GE Intelligent Platforms Proficy Cimplicity Multiple Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
GE Intelligent Platforms Proficy Cimplicity Multiple Vulnerabilities
Last RevisedSeptember 12, 2013
Alert CodeICSA-13-022-02
## Overview
This advisory provides mitigation details for multiple vulnerabilities that impact GE Intelligent Platforms Proficy HMI/SCADA—CIMPLICITY.
General Electric (GE) has addressed two vulnerabilities in GE Intelligent Platforms Proficy HMI/SCADA—CIMPLICITY: a directory transversal vulnerability and improper input validation vulnerability.
GE has released two security advisories (GEIP12-13 and GEIP12-19) available on the GE Intelligent Platforms sup
No detection rules found.
No writeups or analysis indexed.
2013-01-27
Published