What is CVE-2017-12732?

CVE-2017-12732 is a medium-severity vulnerability in Ge Intelligent_platforms_proficy_hmi\/scada_cimplicity, classified under Stack-based Buffer Overflow. CVSS score: 6.8/10. Published 2017-10-05.

How severe is CVE-2017-12732?

Medium severity. CVSS v3 base score is 6.8 out of 10.

Buffer overflow in Ge Intelligent_platforms_proficy_hmi\/scada_cimplicity

CVE-2017-12732

A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allowing a buffer overwrite that could lead t…

Vulnerability class: Buffer Overflow

EPSS: 0.007 (50.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Ge Intelligent_platforms_proficy_hmi\/scada_cimplicity
N/a Ge Cimplicity — versions GE CIMPLICITY

Weakness classification (CWE)

References

ics-cert@hq.dhs.gov (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)

Frequently asked questions

What is CVE-2017-12732?: CVE-2017-12732 is a medium-severity vulnerability in Ge Intelligent_platforms_proficy_hmi\/scada_cimplicity, classified under Stack-based Buffer Overflow. CVSS score: 6.8/10. Published 2017-10-05.
How severe is CVE-2017-12732?: Medium severity. CVSS v3 base score is 6.8 out of 10.