Buffer overflow in Ge Intelligent_platforms_proficy_hmi\/scada_cimplicity

CVE-2014-2355

The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM) file.

Vulnerability class: Buffer Overflow

EPSS: 0.006 (45.9th percentile) — read the EPSS interpretation.

Affected products

Ge Intelligent_platforms_proficy_hmi\/scada_cimplicity
Ge Proficy Hmi/scada–cimplicity — versions 0

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

ics-cert@hq.dhs.gov
af854a3a-2127-422b-91ae-364da2661108 (Third Party Advisory, US Government Resource)