GE Intelligent Platforms Proficy Historian Data Archiver Buffer Overflow Vulnerability

CVEs (1)

Remediations

• GE Intelligent Platforms has released security advisories and free product updates Software Improvement Modules (SIMS) to address recently reported security vulnerabilities in Proficy software. GE Intelligent Platforms urges all customers to follow the recommendations in the security advisories, which can be found at (http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB14493). A valid GE SSO ID and Customer Service Number are required to access the advisories and updates.
• The following product updates for Proficy Historian address this issue: Proficy Historian 4.0 SIM 12, Proficy Historian 3.5 SIM 17, Proficy Historian 3.1 SIM IH31_11092015699.exe Note: Proficy SIMS are cumulative. All future SIMS will include these updates.
• GE Intelligent Platforms has provided the following instructions for iFix and CIMPLICITY users: iFIX and CIMPLICITY installations: Option 1: If Proficy Historian is in use, refer to the information above for Historian SIM applications and apply the appropriate SIM (update) to the installed version of Proficy Historian.
• Option 2: If Proficy Historian is not in use, uninstall Proficy Historian by following the instructions below: Double click the Add/Remove Programs icon in the Control Panel. The Add/Remove Programs dialog box opens. Select Proficy Historian, and click the Remove button. To uninstall Historian and save the current Historian configuration and data, select Do Not Delete Archives and click Next. To uninstall Historian and delete the current Historian configuration and data, select Delete Archives and click Next. The uninstall proceeds and all Historian components are removed.

Affected Vendors

Affected Products (4)