Description
The attached security advisory addresses a vulnerability in Proficy Historian, Proficy HMI/SCADA iFIX, Proficy Pulse, Proficy Batch Execution, and the SI7 I/O Driver.
The attached removal tool unregisters and deletes the vulnerable ActiveX control. The SIMs below ensure that Proficy Historian software functions properly once the control is removed - the SIMs do not remove the vulnerability.
SIMs for Proficy HMI/SCADA iFIX referenced in GEIP12-04
Run attached removal tool as per the instructions in the security advisory - no SIMs are required.
SIMs for Proficy Pulse referenced in GEIP12-04
Run attached removal tool as per the instructions in the security advisory - no SIMs are required.
SIMs for Proficy Batch Execution referenced in GEIP12-04
Run attached removal tool as per the instructions in the security advisory - no SIMs are required.
SIMs for the SI7 I/O Driver referenced in GEIP12-04
Run attached removal tool as per the instructions in the security advisory - no SIMs are required.
SIMs for Proficy Historian referenced in GEIP12-04
First apply the SIMs below, then run the attached removal tool as per the instructions in the security advisory.
Proficy Historian 4.5 SIM-20 (Note this issue was addressed in SIM 12 / SIM 20 is cumulative)
Proficy Historian 4.0 SIM 24
Proficy Historian 3.5 SIM 20
Historian: General (Requires iH31_SP1)