CVE-2014-0751 Information

Description

Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24 and Proficy Process Systems with CIMPLICITY allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212 aka ZDI-CAN-1623.

Reference

http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01 http://support.ge-ip.com/support/index?page=kbchannel&id=KB15940 http://www.securityfocus.com/bid/65117