Home arrow US-CERT Computer Emergency Readiness Team arrow GE Fanuc Product Vulnerabilities

GE Fanuc Product Vulnerabilities

Vulnerabilities in GE Fanuc CIMPLICITY and Proficy Real-Time Information Portal could allow an attacker to execute arbitrary code, obtain user credentials, upload and execute arbitrary files, or cause a denial-of-service condition.

US-CERT encourages users to review the following GE Fanuc Knowledgebase Articles for further information:

  • GE Fanuc Proficy Real-Time Information Portal allows arbitrary file upload and execution (KB12460KB12460)
  • GE Fanuc Proficy Real-Time Information Portal transmits authentication credentials in plain text (KB12459KB12459)
  • Buffer Overflow Allows Remote Code Execution (KB12458KB12458)

US-CERT will provide more information as it becomes available.