{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T04:56:17.115","vulnerabilities":[{"cve":{"id":"CVE-2014-0751","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2014-01-25T22:55:04.583","lastModified":"2026-04-29T01:13:23.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The CIMPLICITY Web-based access component, CimWebServer, does not check \nthe location of shell files being loaded into the system. By modifying \nthe source location, an attacker could send shell code to the \nCimWebServer which would deploy the nefarious files as part of any SCADA\n project. This could allow the attacker to execute arbitrary code."},{"lang":"es","value":"Vulnerabilidad de salto de directorio en CimWebServer.exe (también conocido como el componente WebView) en GE Intelligent Platforms Proficy HMI / SCADA - CIMPLICITY anterior a  8.2 SIM  24 y Proficy Process con CIMPLICITY, permite a atacantes remotos ejecutar código arbitrario a través de un mensaje manipulado a puerto TCP 10212  , también conocido como ZDI-CAN-1623."}],"metrics":{"cvssMetricV2":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\%2fscada_cimplicity:*:sim24:*:*:*:*:*:*","versionEndIncluding":"8.2","matchCriteriaId":"4C5EDB9D-01CD-4843-86CD-C834B726ACF1"},{"vulnerable":true,"criteria":"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:4.01:*:*:*:*:*:*:*","matchCriteriaId":"6C0B8CA7-2161-4603-B844-DE6C079DF36F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:7.5:*:*:*:*:*:*:*","matchCriteriaId":"E3BACB11-5CD3-4CA6-9C56-D71628CADF0F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:8.0:*:*:*:*:*:*:*","matchCriteriaId":"90538C50-38BD-4EE5-BD30-96E2E2951FE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:8.1:*:*:*:*:*:*:*","matchCriteriaId":"CB261867-B9B1-4D3D-B2DE-3CC3164EFD06"},{"vulnerable":true,"criteria":"cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\\/scada_cimplicity:8.2:*:*:*:*:*:*:*","matchCriteriaId":"559DCD7A-0745-4D4C-A77A-83240EF6C510"},{"vulnerable":true,"criteria":"cpe:2.3:a:ge:intelligent_platforms_proficy_process_systems_with_cimplicity:-:*:*:*:*:*:*:*","matchCriteriaId":"AD9711EA-2C95-41FA-8827-01FCB0ED4B06"}]}]}],"references":[{"url":"http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939","source":"ics-cert@hq.dhs.gov"},{"url":"http://www.securityfocus.com/bid/65124","source":"ics-cert@hq.dhs.gov"},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-14-023-01","source":"ics-cert@hq.dhs.gov"},{"url":"http://ics-cert.us-cert.gov/advisories/ICSA-14-023-01","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://support.ge-ip.com/support/index?page=kbchannel&id=KB15940","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/65117","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}