CVE-2014-0751

GE Proficy HMI/SCADA Path Traversal

Description

The CIMPLICITY Web-based access component, CimWebServer, does not check the location of shell files being loaded into the system. By modifying the source location, an attacker could send shell code to the CimWebServer which would deploy the nefarious files as part of any SCADA project. This could allow the attacker to execute arbitrary code.

Remediation

Solution:

  • GE has produced an update that mitigates one vulnerability and made configuration changes to mitigate the other. Please reference the following GE Product Security Advisories for specific information on the vulnerabilities. GEIP13-05 To address this vulnerability, all copies of the gefebt.exe files that are accessible from a Web client must be deleted or moved, so they are inaccessible. If the production Web configuration currently relies on gefebt.exe, changes to the server’s Web pages may also be desirable. The GE Product Security Advisory, which provides additional guidance, is available here:  http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939 GEIP13-06 Download Proficy HMI/SCADA - CIMPLICITY 8.2 SIM 24 at:  http://support.ge-ip.com/support/index?page=dwchannel&id=DN4128 The GE Product Security Advisory is available here:  http://support.ge-ip.com/support/index?page=kbchannel&id=KB15940

Category

6.8
CVSS
Severity: Medium
CVSS 2.0 •
EPSS 0.74% Top 30%
Vendor Advisory ge-ip.com
Affected: GE Proficy HMI/SCADA - CIMPLICITY
Affected: GE Proficy Process Systems with CIMPLICITY
Published at:
Updated at:

References

Link Tags
https://www.cisa.gov/news-events/ics-advisories/icsa-14-023-01
http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939
http://www.securityfocus.com/bid/65124 vdb entry
http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01
http://support.ge-ip.com/support/index?page=kbchannel&id=KB15940 vendor advisory
http://www.securityfocus.com/bid/65117

Frequently Asked Questions

What is the severity of CVE-2014-0751?
CVE-2014-0751 has been scored as a medium severity vulnerability.
How to fix CVE-2014-0751?
To fix CVE-2014-0751: GE has produced an update that mitigates one vulnerability and made configuration changes to mitigate the other. Please reference the following GE Product Security Advisories for specific information on the vulnerabilities. GEIP13-05 To address this vulnerability, all copies of the gefebt.exe files that are accessible from a Web client must be deleted or moved, so they are inaccessible. If the production Web configuration currently relies on gefebt.exe, changes to the server’s Web pages may also be desirable. The GE Product Security Advisory, which provides additional guidance, is available here:  http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939 GEIP13-06 Download Proficy HMI/SCADA - CIMPLICITY 8.2 SIM 24 at:  http://support.ge-ip.com/support/index?page=dwchannel&id=DN4128 The GE Product Security Advisory is available here:  http://support.ge-ip.com/support/index?page=kbchannel&id=KB15940
Is CVE-2014-0751 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2014-0751 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2014-0751?
CVE-2014-0751 affects GE Proficy HMI/SCADA - CIMPLICITY, GE Proficy Process Systems with CIMPLICITY.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.