Details of VAR-201307-0318

ID

VAR-201307-0318

CVE

CVE-2013-2785

TITLE

GE Proficy CIMPLICITY 'CimWebServer' Remote Stack Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: ce8baf5c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11048

DESCRIPTION

Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted data in packets to TCP port 10212, aka ZDI-CAN-1621 and ZDI-CAN-1624. GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and Proficy Process Systems with CIMPLICITY of WebView Component CimWebServer.exe Contains a buffer overflow vulnerability. Zero Day Initiative The vulnerability ZDI-CAN-1621 and ZDI-CAN-1624 It was announced as.By a third party TCP port 10212 Arbitrary code may be executed via crafted data in the packet to the. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE Proficy CIMPLICITY. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CimWebServer component. This component performs insufficient bounds checking on user-supplied data passed in the szPassword field which results in stack corruption. An attacker can leverage this situation to execute code under the context of the process. GE Proficy CIMPLICITY is a monitoring software developed by GE and one of the industry's leading HMI/SCADA software

Trust: 3.87

sources: NVD: CVE-2013-2785 // JVNDB: JVNDB-2013-003613 // ZDI: ZDI-13-180 // ZDI: ZDI-13-181 // CNVD: CNVD-2013-11048 // BID: 61469 // IVD: ce8baf5c-2352-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: ce8baf5c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11048

AFFECTED PRODUCTS

vendor:	ge	model:	proficy cimplicity	scope:	-	version:	-	Trust: 2.0
vendor:	ge	model:	intelligent platforms proficy process systems with cimplicity	scope:	eq	version:	-	Trust: 1.6
vendor:	ge	model:	intelligent platforms proficy hmi\/scada cimplicity	scope:	eq	version:	8.1	Trust: 1.6
vendor:	ge	model:	intelligent platforms proficy hmi\/scada cimplicity	scope:	eq	version:	8.0	Trust: 1.6
vendor:	ge	model:	intelligent platforms proficy hmi\/scada cimplicity	scope:	eq	version:	8.2	Trust: 1.6
vendor:	general electric	model:	proficy hmi/scada - cimplicity	scope:	eq	version:	sim 19	Trust: 0.8
vendor:	general electric	model:	proficy hmi/scada - cimplicity	scope:	lt	version:	8.2	Trust: 0.8
vendor:	general electric	model:	proficy hmi/scada - cimplicity	scope:	eq	version:	sim 25	Trust: 0.8
vendor:	general electric	model:	proficy hmi/scada - cimplicity	scope:	lt	version:	8.1	Trust: 0.8
vendor:	general electric	model:	proficy process systems with cimplicity	scope:	-	version:	-	Trust: 0.8
vendor:	intelligent platforms proficy hmi scada cimplicity	model:	-	scope:	eq	version:	8.0	Trust: 0.2
vendor:	intelligent platforms proficy hmi scada cimplicity	model:	-	scope:	eq	version:	8.1	Trust: 0.2
vendor:	intelligent platforms proficy hmi scada cimplicity	model:	-	scope:	eq	version:	8.2	Trust: 0.2
vendor:	intelligent platforms proficy process with cimplicity	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: ce8baf5c-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-13-180 // ZDI: ZDI-13-181 // CNVD: CNVD-2013-11048 // JVNDB: JVNDB-2013-003613 // CNNVD: CNNVD-201307-646 // NVD: CVE-2013-2785

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-2785
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-2785
value:	HIGH
Trust: 0.8
ZDI:	CVE-2013-2785
value:	MEDIUM
Trust: 0.7
ZDI:	CVE-2013-2785
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2013-11048
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201307-646
value:	CRITICAL
Trust: 0.6
IVD:	ce8baf5c-2352-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2

nvd@nist.gov:	CVE-2013-2785
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
ZDI:	CVE-2013-2785
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
ZDI:	CVE-2013-2785
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2013-11048
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	ce8baf5c-2352-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2013-003613 // NVD: CVE-2013-2785

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-646

TYPE

Buffer overflow

Trust: 0.8

sources: IVD: ce8baf5c-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201307-646

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003613

PATCH

title:	KB15602	url:	http://support.ge-ip.com/support/index?page=kbchannel&id=KB15602	Trust: 2.2
title:	GE Proficy CIMPLICITY 'CimWebServer' patch for remote stack buffer overflow vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/36553	Trust: 0.6

sources: ZDI: ZDI-13-180 // ZDI: ZDI-13-181 // CNVD: CNVD-2013-11048 // JVNDB: JVNDB-2013-003613

EXTERNAL IDS

db:	NVD	id:	CVE-2013-2785	Trust: 4.9
db:	ICS CERT	id:	ICSA-13-170-01	Trust: 2.4
db:	BID	id:	61469	Trust: 1.5
db:	ZDI	id:	ZDI-13-180	Trust: 1.3
db:	CNVD	id:	CNVD-2013-11048	Trust: 0.8
db:	CNNVD	id:	CNNVD-201307-646	Trust: 0.8
db:	JVNDB	id:	JVNDB-2013-003613	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-1621	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-1624	Trust: 0.7
db:	ZDI	id:	ZDI-13-181	Trust: 0.7
db:	IVD	id:	CE8BAF5C-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: ce8baf5c-2352-11e6-abef-000c29c66e3d // ZDI: ZDI-13-180 // ZDI: ZDI-13-181 // CNVD: CNVD-2013-11048 // BID: 61469 // JVNDB: JVNDB-2013-003613 // CNNVD: CNNVD-201307-646 // NVD: CVE-2013-2785

REFERENCES

url:	http://support.ge-ip.com/support/index?page=kbchannel&id=kb15602	Trust: 3.0
url:	http://ics-cert.us-cert.gov/advisories/icsa-13-170-01	Trust: 2.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2785	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2785	Trust: 0.8
url:	http://www.zerodayinitiative.com/advisories/zdi-13-180/	Trust: 0.6
url:	http://www.securityfocus.com/bid/61469	Trust: 0.6

sources: ZDI: ZDI-13-180 // ZDI: ZDI-13-181 // CNVD: CNVD-2013-11048 // JVNDB: JVNDB-2013-003613 // CNNVD: CNNVD-201307-646 // NVD: CVE-2013-2785

CREDITS

ZombiE and amisto0x07

Trust: 2.3

sources: ZDI: ZDI-13-180 // ZDI: ZDI-13-181 // BID: 61469 // CNNVD: CNNVD-201307-646

SOURCES

db:	IVD	id:	ce8baf5c-2352-11e6-abef-000c29c66e3d
db:	ZDI	id:	ZDI-13-180
db:	ZDI	id:	ZDI-13-181
db:	CNVD	id:	CNVD-2013-11048
db:	BID	id:	61469
db:	JVNDB	id:	JVNDB-2013-003613
db:	CNNVD	id:	CNNVD-201307-646
db:	NVD	id:	CVE-2013-2785

LAST UPDATE DATE

2024-08-14T15:24:49.373000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-13-180	date:	2013-07-26T00:00:00
db:	ZDI	id:	ZDI-13-181	date:	2013-07-26T00:00:00
db:	CNVD	id:	CNVD-2013-11048	date:	2013-07-31T00:00:00
db:	BID	id:	61469	date:	2013-07-26T00:00:00
db:	JVNDB	id:	JVNDB-2013-003613	date:	2013-08-02T00:00:00
db:	CNNVD	id:	CNNVD-201307-646	date:	2013-08-05T00:00:00
db:	NVD	id:	CVE-2013-2785	date:	2013-07-31T13:20:28.707

SOURCES RELEASE DATE

db:	IVD	id:	ce8baf5c-2352-11e6-abef-000c29c66e3d	date:	2013-07-31T00:00:00
db:	ZDI	id:	ZDI-13-180	date:	2013-07-26T00:00:00
db:	ZDI	id:	ZDI-13-181	date:	2013-07-26T00:00:00
db:	CNVD	id:	CNVD-2013-11048	date:	2013-07-31T00:00:00
db:	BID	id:	61469	date:	2013-07-26T00:00:00
db:	JVNDB	id:	JVNDB-2013-003613	date:	2013-08-02T00:00:00
db:	CNNVD	id:	CNNVD-201307-646	date:	2013-07-26T00:00:00
db:	NVD	id:	CVE-2013-2785	date:	2013-07-31T13:20:28.707