CVE-2012-3026
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
01/11/2012
Last modified:
11/04/2025
Description
rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a different vulnerability than CVE-2012-3010 and CVE-2012-3021.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:2.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:3.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:3.0:sp1:*:*:*:*:*:* | ||
| cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:3.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ge:intelligent_platforms_proficy_real-time_information_portal:3.5:sp1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://support.ge-ip.com/support/index?page=kbchannel&id=S%3AKB15050
- http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/15000/KB15050/en_US/GEIP12-10%20Security%20Advisory%20-%20Proficy%20Portal%20rifsrvd.pdf
- http://www.securityfocus.com/bid/55935
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-234-01.pdf
- http://support.ge-ip.com/support/index?page=kbchannel&id=S%3AKB15050
- http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/15000/KB15050/en_US/GEIP12-10%20Security%20Advisory%20-%20Proficy%20Portal%20rifsrvd.pdf
- http://www.securityfocus.com/bid/55935
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-234-01.pdf