KLA10300
ACE vulnerability in GE IP products
Updated: 06/01/2019
Detect date
?
07/04/2012
Severity
?
Critical
Description

A buffer overflow was found in GE IP products. By exploiting this vulnerability malicious users can execute arbitrary code and commands. This vulnerability can be exploited remotely via a specially designed input.

Affected products

Proficy Historian versions 4.5, 4.0, 3.5, and 3.1
Proficy HMI/SCADA – iFIX versions 5.1 and 5.0
Proficy Pulse version 1.0
Proficy Batch Execution version 5.6
SI7 I/O Driver versions from 7.20 to 7.42

Solution

Update to latest version

Original advisories

GE IP bulletin

Impacts
?
ACE 
[?]
CVE-IDS
?
CVE-2012-25159.3Critical
CVE-2012-25169.3Critical