Intrusion Prevention

GE.Proficy.CIMPLICITY.Gefebt.EXE.Remote.Code.Execution

Description

This indicates an attack attempt to exploit a remote Code Execution Vulnerability in GE Proficy CIMPLICITY.
The vulnerability is due to an error when a vulnerable servlet handles a maliciously crafted BCL file. A remote attacker could exploit this to execute arbitrary code execution within the context of the application, via a crafted BCL file.

Affected Products

GE Proficy CIMPLICITY 7.5

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://support.ge-ip.com/support/index?page=kbchannel&id=KB15939

CVE References

CVE-2014-0750