OTPulse

GE Proficy HMI/SCADA CIMPLICITY CimView Memory Access Violation

Low Risk · ICS-CERT ICSA-14-289-02 · Jul 19, 2014
Summary

GE Proficy HMI/SCADA CIMPLICITY CimView versions 8.2 and earlier contain a memory access violation vulnerability (CWE-119). This flaw could cause the CimView application to crash when processing certain inputs, resulting in loss of HMI visibility during normal operations.

What this means
What could happen
A memory access violation in CimView could crash the HMI application, disrupting visibility into plant operations and potentially preventing operators from responding to real-time process changes.
Who's at risk
Operators and engineers at energy and manufacturing facilities who rely on GE Proficy HMI/SCADA CIMPLICITY for real-time visibility into control systems, including power generation, distribution, and industrial process equipment.
How it could be exploited
An attacker would need to send a specially crafted input or trigger a specific condition in CimView that causes the application to access invalid memory. This could be done through a malicious file, network message, or user interaction depending on how CimView processes external input.
Prerequisites
  • Access to the system running CimView (physical or network)
  • Ability to provide input to CimView such as opening a file or triggering a specific function
no patch available · affects visibility/situational awareness in critical operations
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
Proficy HMI/SCADA–CIMPLICITY: <=8.2 | ≤ 8.2 | No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Monitor CimView for unexpected crashes or application instability and implement restart procedures to restore HMI visibility
Long-term hardening
HOTFIX: Evaluate migration to a newer version of Proficy HMI/SCADA or alternative HMI software that receives active security updates
Mitigations - no patch available
Proficy HMI/SCADA–CIMPLICITY: <=8.2 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Implement network segmentation to limit access to HMI systems from untrusted networks and non-essential systems
HARDENING: Restrict user permissions on systems running CimView to only authorized operators and engineers
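
An added example, not part of the advisory or any vendor tooling, for the crash-monitoring workaround listed under "Do now": it scans Windows Application Error (Event ID 1000) message text for crashes of the HMI process and flags repeated access violations (exception code 0xc0000005). The process name CimView.exe, the thresholds and the sample events are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

ACCESS_VIOLATION = 0xC0000005  # NTSTATUS STATUS_ACCESS_VIOLATION
APP_RE = re.compile(r"Faulting application name:\s*([^,\r\n]+)", re.I)
CODE_RE = re.compile(r"Exception code:\s*0x([0-9a-f]+)", re.I)

def _sample(app, code):
    # Constructed text in the shape of an Event ID 1000 message body.
    return (f"Faulting application name: {app}, version: 0.0.0.0, time stamp: 0x00000000\n"
            f"Faulting module name: {app}, version: 0.0.0.0, time stamp: 0x00000000\n"
            f"Exception code: {code}\nFault offset: 0x00000000")

# Constructed sample events: (ISO timestamp, message text).
SAMPLE_EVENTS = [
    ("2014-10-20T08:01:12", _sample("CimView.exe", "0xc0000005")),
    ("2014-10-20T08:02:00", _sample("other.exe", "0xc0000005")),
    ("2014-10-20T08:03:40", _sample("CimView.exe", "0xc0000005")),
    ("2014-10-20T08:07:05", _sample("CimView.exe", "0xc0000005")),
    ("2014-10-20T13:15:00", _sample("CimView.exe", "0xc0000409")),
]

def cimview_crashes(events, image="CimView.exe"):
    """Return sorted [(datetime, exception_code)] for crashes of `image`.

    `image` is an assumed process name; adjust it to the local install.
    """
    hits = []
    for stamp, message in events:
        app, code = APP_RE.search(message), CODE_RE.search(message)
        if not app or not code:
            continue  # not an Application Error crash record
        if app.group(1).strip().lower() != image.lower():
            continue  # some other application crashed
        hits.append((datetime.fromisoformat(stamp), int(code.group(1), 16)))
    return sorted(hits)

def assess(events, window=timedelta(minutes=10), burst=3):
    """Summarise crashes; escalate when `burst` access violations fall in one window."""
    crashes = cimview_crashes(events)
    av = [t for t, code in crashes if code == ACCESS_VIOLATION]
    # A cluster of access violations points at a repeatable trigger, not a one-off fault.
    repeated = any(sum(1 for t in av if s <= t < s + window) >= burst for s in av)
    return {"crashes": len(crashes), "access_violations": len(av), "escalate": repeated}

if __name__ == "__main__":
    print(assess(SAMPLE_EVENTS))
```

A single crash calls for the restart procedure; an escalation is the cue to preserve the crash dump and review what CimView was processing at the time.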