Vulnerability-Lookup

CVE-2008-0176 (GCVE-0-2008-0176)

Vulnerability from cvelistv5 – Published: 2008-01-29 01:00 – Updated: 2024-08-07 07:39

Summary

Severity ?

No CVSS data available.

CWE

Assigner

certcc

References

URL

Tags

	http://securityreason.com/securityalert/3592	third-party-advisoryx_refsource_SREASON
	http://www.securityfocus.com/bid/27447	vdb-entryx_refsource_BID
	http://www.securityfocus.com/archive/1/487076/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/28663	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1019275	vdb-entryx_refsource_SECTRACK
	http://support.gefanuc.com/support/index?page=kbc…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2008/0306	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/487241/100…	mailing-listx_refsource_BUGTRAQ
	http://www.kb.cert.org/vuls/id/308556	third-party-advisoryx_refsource_CERT-VN

Date Public ?

2008-01-25 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:39:35.217Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "3592",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3592"
          },
          {
            "name": "27447",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27447"
          },
          {
            "name": "20080125 C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/487076/100/0/threaded"
          },
          {
            "name": "28663",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28663"
          },
          {
            "name": "1019275",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019275"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458"
          },
          {
            "name": "ADV-2008-0306",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0306"
          },
          {
            "name": "20080129 Re: C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/487241/100/0/threaded"
          },
          {
            "name": "VU#308556",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/308556"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-01-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "3592",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3592"
        },
        {
          "name": "27447",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27447"
        },
        {
          "name": "20080125 C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/487076/100/0/threaded"
        },
        {
          "name": "28663",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28663"
        },
        {
          "name": "1019275",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019275"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458"
        },
        {
          "name": "ADV-2008-0306",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0306"
        },
        {
          "name": "20080129 Re: C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/487241/100/0/threaded"
        },
        {
          "name": "VU#308556",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/308556"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2008-0176",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "3592",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3592"
            },
            {
              "name": "27447",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27447"
            },
            {
              "name": "20080125 C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/487076/100/0/threaded"
            },
            {
              "name": "28663",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28663"
            },
            {
              "name": "1019275",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019275"
            },
            {
              "name": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458",
              "refsource": "CONFIRM",
              "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458"
            },
            {
              "name": "ADV-2008-0306",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0306"
            },
            {
              "name": "20080129 Re: C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/487241/100/0/threaded"
            },
            {
              "name": "VU#308556",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/308556"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2008-0176",
    "datePublished": "2008-01-29T01:00:00.000Z",
    "dateReserved": "2008-01-09T00:00:00.000Z",
    "dateUpdated": "2024-08-07T07:39:35.217Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2008-0176",
      "date": "2026-05-01",
      "epss": "0.29922",
      "percentile": "0.96666"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-0176\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2008-01-29T02:00:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en mont\u00edculo en w32rtr.exe de GE Fanuc CIMPLICITY HMI SCADA system 7.0 versiones anteriores a 7.0 SIM 9, y versiones anteriores a 6.1 SP6 Hot fix - 010708_162517_6106, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores desconocidos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge_fanuc:cimplicity:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.1_sp6_hf_010708_162517_6106\",\"matchCriteriaId\":\"C9F476A8-BF15-4CBE-B70E-9678EA01DCC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ge_fanuc:cimplicity:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.0_sim8\",\"matchCriteriaId\":\"32225239-A0F7-4F30-8E11-FA4664CD23EE\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/28663\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3592\",\"source\":\"cret@cert.org\"},{\"url\":\"http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/308556\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/487076/100/0/threaded\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/487241/100/0/threaded\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/bid/27447\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securitytracker.com/id?1019275\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0306\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/28663\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3592\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/308556\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/487076/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/487241/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/27447\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019275\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0306\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-200801-0249

Vulnerability from variot - Updated: 2025-04-10 23:16

Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors. GE Fanuc CIMPLICITY HMI Contains a heap buffer overflow vulnerability. GE Fanuc CIMPLICITY HMI Is a product used for monitoring and controlling production information systems. this CIMPLICITY Network service processes (w32rtr.exe) Contains a heap buffer overflow vulnerability on both the server and the client. Attackers have this vulnerability CIMPLICITY HMI This vulnerability could be exploited by sending crafted packets to the system.Arbitrary code execution or denial of service by a remote attacker (DoS) There is a possibility of being attacked.

GE Fanuc CIMPLICITY has a vulnerability in processing malformed requests. Remote attackers could use this vulnerability to control servers. An attacker can exploit this issue to execute arbitrary code or cause denial-of-service conditions. Versions prior to CIMPLICITY 7.0 SIM 9 are vulnerable.

A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.

Download and test it today: https://psi.secunia.com/

Read more about this new version: https://psi.secunia.com/?page=changelog

TITLE: Proficy HMI/SCADA - CIMPLICITY w32rtr.exe Packet Processing Buffer Overflow

SECUNIA ADVISORY ID: SA28663

VERIFY ADVISORY: http://secunia.com/advisories/28663/

CRITICAL: Moderately critical

IMPACT: DoS, System access

WHERE:

From local network

SOFTWARE: Proficy HMI/SCADA - CIMPLICITY 6.x http://secunia.com/product/11105/ Proficy HMI/SCADA - CIMPLICITY 7.x http://secunia.com/product/17337/

DESCRIPTION: Eyal Udassin has reported a vulnerability in Proficy HMI/SCADA - CIMPLICITY, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

The vulnerability is caused due to a boundary error in w32rtr.exe when processing packets and can be exploited to cause a heap-based buffer overflow by sending a specially-crafted packet to default port 32000/TCP.

The vulnerability is reported in version 6.1.

SOLUTION: Apply hotfixes. Please see the vendor's advisory for details.

CIMPLICITY 6.1 SP6 Hot Fix - 010708_162517_6106
CIMPLICITY 7.0 SIM 9

PROVIDED AND/OR DISCOVERED BY: Eyal Udassin, C4 Security

ORIGINAL ADVISORY: GE Fanuc (KB12458): http://support.gefanuc.com/support/index?page=kbchannel&id=KB12458

C4 Security (via BugTraq): http://archives.neohapsis.com/archives/bugtraq/2008-01/0372.html

OTHER REFERENCES: US-CERT VU#308556: http://www.kb.cert.org/vuls/id/308556

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. Background

Vendor product information: CIMPLICITY is a powerful and technically advanced HMI/SCADA product. With its open system design approach, true client/server architecture, and the latest web technologies, CIMPLICITY allows you to realize the benefits of digitization for the collection, monitoring, supervisory control and sharing of critical process and production data throughout your operations CIMPLICITY has been used in all industries -- from process to discrete, to system monitoring. It is extremely well suited for discrete applications, and handles very large amounts of digital signals and alarm bursts. Its advanced Client/Sever architecture makes it easy to start small and expand your system. The description of the vulnerability is intentionally limited as this software controls critical national infrastructure.

Impact

An attacker can compromise the Cimplicity 6.1 control server, and each of the operator workstations.

Workaround/Fix

The vendor issued a hotfix to resolve this vulnerability

Additional Information

For additional information please contact us at info@c4-security.com. Note that we will respond only to verified utility personnel and governmental agencies. The CVE identifier assigned to this vulnerability by CERT is CVE-2008-0176

Credit

This vulnerability was discovered and exploited by Gilad Bakas and Eyal Udassin of C4.

Regards,

Eyal Udassin - C4 (Formerly Swift Coders) 33 Jabotinsky St. The Twin Towers #1, Ramat Gan, Israel eyal.udassin@c4-security.com / www.c4-security.com http://www.c4-security.com/ +972-547-684989

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200801-0249",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "cimplicity",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ge fanuc",
        "version": "7.0_sim8"
      },
      {
        "model": "cimplicity",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ge fanuc",
        "version": "6.1_sp6_hf_010708_162517_6106"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cimplicity",
        "version": "*"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ge fanuc",
        "version": null
      },
      {
        "model": "cimplicity",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "ge fanuc",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.6,
        "vendor": "none",
        "version": null
      },
      {
        "model": "cimplicity",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ge fanuc",
        "version": "6.1_sp6_hf_010708_162517_6106"
      },
      {
        "model": "cimplicity",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ge fanuc",
        "version": "7.0_sim8"
      },
      {
        "model": "fanuc cimplicity sim8",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "7.0"
      },
      {
        "model": "fanuc cimplicity sim7",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "7.0"
      },
      {
        "model": "fanuc cimplicity sp6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "6.1"
      },
      {
        "model": "fanuc cimplicity sp5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "6.1"
      },
      {
        "model": "fanuc cimplicity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "6.1"
      },
      {
        "model": "fanuc cimplicity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "6.0"
      },
      {
        "model": "fanuc cimplicity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ge",
        "version": "0"
      },
      {
        "model": "fanuc cimplicity sim9",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ge",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308556"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2008-0434"
      },
      {
        "db": "BID",
        "id": "27447"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0176"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:ge_fanuc:cimplicity",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Douglas A. Stewart of CERT as well as Gilad Bakas and Eyal Udassin of C4 are credited with the discovery of this vulnerability.",
    "sources": [
      {
        "db": "BID",
        "id": "27447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2008-0176",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2008-0176",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "067d2766-2352-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "7d7ae201-463f-11e9-819f-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2008-0176",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#308556",
            "trust": 0.8,
            "value": "3.01"
          },
          {
            "author": "NVD",
            "id": "CVE-2008-0176",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200801-410",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "067d2766-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "7d7ae201-463f-11e9-819f-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308556"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0176"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors. GE Fanuc CIMPLICITY HMI Contains a heap buffer overflow vulnerability. GE Fanuc CIMPLICITY HMI Is a product used for monitoring and controlling production information systems. this CIMPLICITY Network service processes (w32rtr.exe) Contains a heap buffer overflow vulnerability on both the server and the client. Attackers have this vulnerability CIMPLICITY HMI This vulnerability could be exploited by sending crafted packets to the system.Arbitrary code execution or denial of service by a remote attacker (DoS) There is a possibility of being attacked. \n\n\u00a0GE Fanuc CIMPLICITY has a vulnerability in processing malformed requests. Remote attackers could use this vulnerability to control servers. \nAn attacker can exploit this issue to execute arbitrary code or cause denial-of-service conditions. \nVersions prior to CIMPLICITY 7.0 SIM 9 are vulnerable. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nProficy HMI/SCADA - CIMPLICITY w32rtr.exe Packet Processing Buffer\nOverflow\n\nSECUNIA ADVISORY ID:\nSA28663\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/28663/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nProficy HMI/SCADA - CIMPLICITY 6.x\nhttp://secunia.com/product/11105/\nProficy HMI/SCADA - CIMPLICITY 7.x\nhttp://secunia.com/product/17337/\n\nDESCRIPTION:\nEyal Udassin has reported a vulnerability in Proficy HMI/SCADA -\nCIMPLICITY, which can be exploited by malicious people to cause a DoS\n(Denial of Service) or compromise a vulnerable system. \n\nThe vulnerability is caused due to a boundary error in w32rtr.exe\nwhen processing packets and can be exploited to cause a heap-based\nbuffer overflow by sending a specially-crafted packet to default port\n32000/TCP. \n\nThe vulnerability is reported in version 6.1. \n\nSOLUTION:\nApply hotfixes. Please see the vendor\u0027s advisory for details. \n\n* CIMPLICITY 6.1 SP6 Hot Fix - 010708_162517_6106\n* CIMPLICITY 7.0 SIM 9\n\nPROVIDED AND/OR DISCOVERED BY:\nEyal Udassin, C4 Security\n\nORIGINAL ADVISORY:\nGE Fanuc (KB12458):\nhttp://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458\n\nC4 Security (via BugTraq):\nhttp://archives.neohapsis.com/archives/bugtraq/2008-01/0372.html\n\nOTHER REFERENCES:\nUS-CERT VU#308556:\nhttp://www.kb.cert.org/vuls/id/308556\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Background\n-----------------\nVendor product information:\nCIMPLICITY is a powerful and technically advanced HMI/SCADA product. With\nits open system design approach, true client/server architecture, and the\nlatest web technologies, CIMPLICITY allows you to realize the benefits of\ndigitization for the collection, monitoring, supervisory control and sharing\nof critical process and production data throughout your operations\nCIMPLICITY has been used in all industries -- from process to discrete, to\nsystem monitoring. It is extremely well suited for discrete applications,\nand handles very large amounts of digital signals and alarm bursts. Its\nadvanced Client/Sever architecture makes it easy to start small and expand\nyour system. \nThe description of the vulnerability is intentionally limited as this\nsoftware controls critical national infrastructure. \n \nImpact\n----------\nAn attacker can compromise the Cimplicity 6.1 control server, and each of\nthe operator workstations. \n \nWorkaround/Fix\n-----------------------\nThe vendor issued a hotfix to resolve this vulnerability \n \nAdditional Information\n-------------------------------\nFor additional information please contact us at info@c4-security.com. Note\nthat we will respond only to verified utility personnel and governmental\nagencies. \nThe CVE identifier assigned to this vulnerability by CERT is CVE-2008-0176\n \nCredit\n--------\nThis vulnerability was discovered and exploited by Gilad Bakas and Eyal\nUdassin of C4. \n \nRegards,\n \nEyal Udassin - C4 (Formerly Swift Coders)\n33 Jabotinsky St. The Twin Towers #1, Ramat Gan, Israel\neyal.udassin@c4-security.com / www.c4-security.com\n\u003chttp://www.c4-security.com/\u003e \n+972-547-684989\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-0176"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308556"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2008-0434"
      },
      {
        "db": "BID",
        "id": "27447"
      },
      {
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "db": "PACKETSTORM",
        "id": "63057"
      },
      {
        "db": "PACKETSTORM",
        "id": "63004"
      }
    ],
    "trust": 3.69
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-0176",
        "trust": 3.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#308556",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "27447",
        "trust": 2.7
      },
      {
        "db": "SECUNIA",
        "id": "28663",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1019275",
        "trust": 2.4
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-0306",
        "trust": 1.6
      },
      {
        "db": "SREASON",
        "id": "3592",
        "trust": 1.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2008-0434",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-410",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054",
        "trust": 0.8
      },
      {
        "db": "BUGTRAQ",
        "id": "20080125 C4 SECURITY ADVISORY - GE FANUC CIMPLICITY 6.1 HEAP OVERFLOW",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20080129 RE: C4 SECURITY ADVISORY - GE FANUC CIMPLICITY 6.1 HEAP OVERFLOW",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "067D2766-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D7AE201-463F-11E9-819F-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "63057",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "63004",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308556"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2008-0434"
      },
      {
        "db": "BID",
        "id": "27447"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      },
      {
        "db": "PACKETSTORM",
        "id": "63057"
      },
      {
        "db": "PACKETSTORM",
        "id": "63004"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0176"
      }
    ]
  },
  "id": "VAR-200801-0249",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2008-0434"
      }
    ],
    "trust": 0.1
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2008-0434"
      }
    ]
  },
  "last_update_date": "2025-04-10T23:16:41.721000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Securing Your HMI/SCADA Systems",
        "trust": 0.8,
        "url": "http://www.gefanuc.com/as_en/gefanuc/resource_center/hmi_scada/hmiscada_security.html"
      },
      {
        "title": "KB12458",
        "trust": 0.8,
        "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0176"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=kb12458"
      },
      {
        "trust": 2.4,
        "url": "http://secunia.com/advisories/28663"
      },
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/27447"
      },
      {
        "trust": 2.4,
        "url": "http://www.securitytracker.com/id?1019275"
      },
      {
        "trust": 2.2,
        "url": "http://www.kb.cert.org/vuls/id/308556"
      },
      {
        "trust": 1.6,
        "url": "http://securityreason.com/securityalert/3592"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2008/0306"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2008/0306"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/archive/1/487076/100/0/threaded"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/archive/1/487241/100/0/threaded"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/archive/1/487076/30/0/threaded"
      },
      {
        "trust": 0.8,
        "url": "http://www.gefanuc.com/as_en/gefanuc/resource_center/hmi_scada/hmiscada_security.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0176"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu%23308556/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0176"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/487076/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/487241/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://www.gefanuc.com/as_en/products_solutions/hmi_scada/products/proficy_cimplicity.html"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/487076"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/487241"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/?page=changelog"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/11105/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/28663/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/17337/"
      },
      {
        "trust": 0.1,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2008-01/0372.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.c4-security.com/\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0176"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#308556"
      },
      {
        "db": "BID",
        "id": "27447"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      },
      {
        "db": "PACKETSTORM",
        "id": "63057"
      },
      {
        "db": "PACKETSTORM",
        "id": "63004"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0176"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "db": "CERT/CC",
        "id": "VU#308556"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2008-0434"
      },
      {
        "db": "BID",
        "id": "27447"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      },
      {
        "db": "PACKETSTORM",
        "id": "63057"
      },
      {
        "db": "PACKETSTORM",
        "id": "63004"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0176"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-01-24T00:00:00",
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2008-01-24T00:00:00",
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "date": "2008-01-25T00:00:00",
        "db": "CERT/CC",
        "id": "VU#308556"
      },
      {
        "date": "2008-01-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2008-0434"
      },
      {
        "date": "2008-01-24T00:00:00",
        "db": "BID",
        "id": "27447"
      },
      {
        "date": "2008-02-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      },
      {
        "date": "2008-01-29T00:00:58",
        "db": "PACKETSTORM",
        "id": "63057"
      },
      {
        "date": "2008-01-26T00:10:20",
        "db": "PACKETSTORM",
        "id": "63004"
      },
      {
        "date": "2008-01-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      },
      {
        "date": "2008-01-29T02:00:00",
        "db": "NVD",
        "id": "CVE-2008-0176"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-01-25T00:00:00",
        "db": "CERT/CC",
        "id": "VU#308556"
      },
      {
        "date": "2008-01-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2008-0434"
      },
      {
        "date": "2008-01-29T16:27:00",
        "db": "BID",
        "id": "27447"
      },
      {
        "date": "2008-02-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001054"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      },
      {
        "date": "2025-04-09T00:30:58.490000",
        "db": "NVD",
        "id": "CVE-2008-0176"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "GE-Fanuc CIMPLICITY w32rtr.exe Remote Heap Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2008-0434"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "067d2766-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d7ae201-463f-11e9-819f-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-410"
      }
    ],
    "trust": 1.0
  }
}

GSD-2008-0176

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2008-0176

Aliases

CVE-2008-0176

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-0176",
    "description": "Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors.",
    "id": "GSD-2008-0176"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0176"
      ],
      "details": "Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors.",
      "id": "GSD-2008-0176",
      "modified": "2023-12-13T01:22:59.018492Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2008-0176",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "3592",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/3592"
          },
          {
            "name": "27447",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/27447"
          },
          {
            "name": "20080125 C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/487076/100/0/threaded"
          },
          {
            "name": "28663",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28663"
          },
          {
            "name": "1019275",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1019275"
          },
          {
            "name": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458",
            "refsource": "CONFIRM",
            "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458"
          },
          {
            "name": "ADV-2008-0306",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0306"
          },
          {
            "name": "20080129 Re: C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/487241/100/0/threaded"
          },
          {
            "name": "VU#308556",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/308556"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:cimplicity:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.1_sp6_hf_010708_162517_6106",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ge_fanuc:cimplicity:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0_sim8",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2008-0176"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458"
            },
            {
              "name": "VU#308556",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/308556"
            },
            {
              "name": "27447",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/27447"
            },
            {
              "name": "1019275",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019275"
            },
            {
              "name": "28663",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28663"
            },
            {
              "name": "3592",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/3592"
            },
            {
              "name": "ADV-2008-0306",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0306"
            },
            {
              "name": "20080129 Re: C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/487241/100/0/threaded"
            },
            {
              "name": "20080125 C4 Security Advisory - GE Fanuc Cimplicity 6.1 Heap Overflow",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/487076/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T21:58Z",
      "publishedDate": "2008-01-29T02:00Z"
    }
  }
}

FKIE_CVE-2008-0176

Vulnerability from fkie_nvd - Published: 2008-01-29 02:00 - Updated: 2026-04-23 00:35

Severity ?

Summary

References

URL	Tags
cret@cert.org	http://secunia.com/advisories/28663	Vendor Advisory
cret@cert.org	http://securityreason.com/securityalert/3592
cret@cert.org	http://support.gefanuc.com/support/index?page=kbchannel&id=KB12458
cret@cert.org	http://www.kb.cert.org/vuls/id/308556	US Government Resource
cret@cert.org	http://www.securityfocus.com/archive/1/487076/100/0/threaded
cret@cert.org	http://www.securityfocus.com/archive/1/487241/100/0/threaded
cret@cert.org	http://www.securityfocus.com/bid/27447
cret@cert.org	http://www.securitytracker.com/id?1019275
cret@cert.org	http://www.vupen.com/english/advisories/2008/0306
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28663	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3592
af854a3a-2127-422b-91ae-364da2661108	http://support.gefanuc.com/support/index?page=kbchannel&id=KB12458
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/308556	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/487076/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/487241/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27447
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019275
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0306

Impacted products

	Vendor	Product	Version
	ge_fanuc	cimplicity	*
	ge_fanuc	cimplicity	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ge_fanuc:cimplicity:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F476A8-BF15-4CBE-B70E-9678EA01DCC5",
              "versionEndIncluding": "6.1_sp6_hf_010708_162517_6106",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ge_fanuc:cimplicity:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32225239-A0F7-4F30-8E11-FA4664CD23EE",
              "versionEndIncluding": "7.0_sim8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en w32rtr.exe de GE Fanuc CIMPLICITY HMI SCADA system 7.0 versiones anteriores a 7.0 SIM 9, y versiones anteriores a 6.1 SP6 Hot fix - 010708_162517_6106, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores desconocidos."
    }
  ],
  "id": "CVE-2008-0176",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-01-29T02:00:00.000",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28663"
    },
    {
      "source": "cret@cert.org",
      "url": "http://securityreason.com/securityalert/3592"
    },
    {
      "source": "cret@cert.org",
      "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/308556"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/archive/1/487076/100/0/threaded"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/archive/1/487241/100/0/threaded"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/27447"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id?1019275"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.vupen.com/english/advisories/2008/0306"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28663"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3592"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/308556"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/487076/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/487241/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27447"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019275"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0306"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-7WPP-CM3H-C84R

Vulnerability from github – Published: 2022-05-01 23:28 – Updated: 2022-05-01 23:28

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-0176"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-01-29T02:00:00Z",
    "severity": "HIGH"
  },
  "details": "Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors.",
  "id": "GHSA-7wpp-cm3h-c84r",
  "modified": "2022-05-01T23:28:07Z",
  "published": "2022-05-01T23:28:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0176"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28663"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/3592"
    },
    {
      "type": "WEB",
      "url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12458"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/308556"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/487076/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/487241/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/27447"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019275"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0306"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-0176 (GCVE-0-2008-0176)

VAR-200801-0249

. Background

Impact

Workaround/Fix

Additional Information

Credit

GSD-2008-0176

FKIE_CVE-2008-0176

GHSA-7WPP-CM3H-C84R

Tags

Sightings

Nomenclature