Test ID:	1.3.6.1.4.1.25623.1.0.103785
Category:	Web application abuses
Title:	GE Intelligent Platforms Proficy Cimplicity Multiple Vulnerabilities
Summary:	GE Intelligent Platforms Proficy Cimplicity is prone to multiple Vulnerabilities
Description:	Summary: GE Intelligent Platforms Proficy Cimplicity is prone to multiple Vulnerabilities Vulnerability Insight: General Electric (GE) has addressed two vulnerabilities in GE Intelligent Platforms Proficy HMI/SCADA-CIMPLICITY: a directory transversal vulnerability and improper input validation vulnerability. GE has released two security advisories (GEIP12-13 and GEIP12-19) available on the GE Intelligent Platforms support Web site to inform customers about these vulnerabilities. Vulnerability Impact: If the vulnerabilities are exploited, they could allow an unauthenticated remote attacker to cause the CIMPLICITY built-in Web server to crash or to run arbitrary commands on a server running the affected software, or could potentially allow an attacker to take control of the CIMPLICITY server. Affected Software/OS: GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY. Solution: Updates are available. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0653 http://www.us-cert.gov/control_systems/pdf/ICSA-13-022-02.pdf Common Vulnerability Exposure (CVE) ID: CVE-2013-0654
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.