GE Proficy Historian is prone to a Code execution vulnerability in the KeyScript ActiveX control from keyhelp.ocx. The function LaunchTriPane use the -decompile option and can be abused to write arbitrary files on the remote system. The attacker must entice a victim into browsing a specially crafted web page. The LaunchTriPane ActiveX method request crafted chm files and write the embeded binaries in a controlled location may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
CVE Link
Exploit Platform
Exploit Type
Product Name