1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: GE Proficy Historian KeyHelp.ocx CVE-2012-2516

Web Attack: GE Proficy Historian KeyHelp.ocx CVE-2012-2516

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects an attempt to exploit a remote code execution vulnerability in the KeyScript ActiveX control from keyhelp.ocx.

Additional Information

Proficy Historian is prone to a remote code-execution vulnerability that affects the 'KeyHelp.ocx' ActiveX control.Specifically, this issue affects the 'LaunchTriPane()' function which executes 'hh.exe' HTML Help executable file with customized command line parameters.


  • Proficy Historian 4.5, 4.0, 3.5, and 3.1.Proficy HMI/SCADA 5.1 and 5.0, Proficy Pulse 1.0, Proficy Batch Execution 5.6, and SI7 I/O Driver between 7.20 and 7.42.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube