Is affected the system:
GE Fanuc CIMPLICITY HMI 6.1 SP6
GE Fanuc CIMPLICITY HMI 6.1 SP5
GE Fanuc CIMPLICITY HMI 6.1
Not affected system:
GE Fanuc CIMPLICITY 7.0 SIM9
Description:
GE Fanuc CIMPLICITY is uses in monitoring and controlling the SCADA system's software which the industrial automation domain uses.
GE Fanuc CIMPLICITY when processing abnormal form request has the crack, the long-distance aggressor possibly uses this crack to control the server.
The default monitor advancement (w32rtr.exe) exists in 32000/TCP on port's CIMPLICITY piles the overflow crack. If the long-distance aggressor has transmitted specially made text to this port, triggers this overflow on the possibility, causes the advancement to collapse or to carry out the random order.
Manufacturer patch:
At present the manufacturer had already issued the promotion patch repairs this security problem, welcome to manufacturer main page downloading:
http://www.gefanuc.com/as_en/products_solutions/hmi_scada/products/proficy_cimplicity.html
|