Searching
..

Click anywhere to stop

KLA10300
ACE vulnerability in GE IP products

Updated: 03/15/2024
Detect date
?
07/04/2012
Severity
?
Critical
Description

A buffer overflow was found in GE IP products. By exploiting this vulnerability malicious users can execute arbitrary code and commands. This vulnerability can be exploited remotely via a specially designed input.

Affected products

Proficy Historian versions 4.5, 4.0, 3.5, and 3.1
Proficy HMI/SCADA – iFIX versions 5.1 and 5.0
Proficy Pulse version 1.0
Proficy Batch Execution version 5.6
SI7 I/O Driver versions from 7.20 to 7.42

Solution

Update to latest version

Original advisories

GE IP bulletin

Impacts
?
ACE 
[?]
Related products
Proficy HMI/SCADA iFIX
CVE-IDS
?
CVE-2012-25159.3Critical
CVE-2012-25169.3Critical
Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Find out the statistics of the vulnerabilities spreading in your region