Vulnerabilities > GE > Intelligent Platforms Proficy HMI Scada Cimplicity > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-05 | CVE-2017-12732 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GE Intelligent Platforms Proficy Hmi/Scada Cimplicity A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. | 4.9 |
| 2015-01-17 | CVE-2014-2355 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GE Intelligent Platforms Proficy Hmi/Scada Cimplicity The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM) file. | 6.9 |
| 2013-11-22 | CVE-2013-2823 | Improper Input Validation vulnerability in multiple products The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. | 4.7 |
| 2013-01-27 | CVE-2013-0653 | Path Traversal vulnerability in GE products Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet. | 4.3 |
| 2013-01-17 | CVE-2012-4689 | Numeric Errors vulnerability in GE products Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request. | 4.3 |