Unrated severityNVD Advisory· Published Jan 25, 2014· Updated Apr 29, 2026

CVE-2014-0751

Description

The CIMPLICITY Web-based access component, CimWebServer, does not check the location of shell files being loaded into the system. By modifying the source location, an attacker could send shell code to the CimWebServer which would deploy the nefarious files as part of any SCADA project. This could allow the attacker to execute arbitrary code.

Affected products

Ge/Intelligent Platforms Proficy Hmi\%2fscada Cimplicity
cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\%2fscada_cimplicity:*:sim24:*:*:*:*:*:*
Range: <=8.2
Ge/Intelligent Platforms Proficy Hmi\/SCADA Cimplicity5 versions
cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:4.01:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:4.01:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ge:intelligent_platforms_proficy_hmi\/scada_cimplicity:8.2:*:*:*:*:*:*:*
Ge/Intelligent Platforms Proficy Process Systems With Cimplicity
cpe:2.3:a:ge:intelligent_platforms_proficy_process_systems_with_cimplicity:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000