What is CVE-2014-0750?

CVE-2014-0750 is a vulnerability in Ge Intelligent_platforms_proficy_hmi\%2fscada_cimplicity, classified under Path Traversal. Published 2014-01-25.

Is CVE-2014-0750 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Ge Intelligent_platforms_proficy_hmi\%2fscada_cimplicity

CVE-2014-0750

Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.702 (99.3th percentile) — read the EPSS interpretation.

Affected products

Ge Intelligent_platforms_proficy_hmi\%2fscada_cimplicity
Ge Intelligent_platforms_proficy_hmi\/scada_cimplicity — versions 4.01, 7.5, 8.0
Ge Intelligent_platforms_proficy_process_systems_with_cimplicity
Ge Proficy Hmi/scada - Cimplicity — versions 4.01
Ge Proficy Process Systems With Cimplicity — versions all versions

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

References

ics-cert@hq.dhs.gov
ics-cert@hq.dhs.gov (x_refsource_CONFIRM, Vendor Advisory)
65124 (vdb-entry, x_refsource_BID)
af854a3a-2127-422b-91ae-364da2661108 (US Government Resource)

Frequently asked questions

What is CVE-2014-0750?: CVE-2014-0750 is a vulnerability in Ge Intelligent_platforms_proficy_hmi\%2fscada_cimplicity, classified under Path Traversal. Published 2014-01-25.
Is CVE-2014-0750 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.