This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects an attempt to exploit a remote code execution vulnerability in the KeyScript ActiveX control from keyhelp.ocx.
Proficy Historian is prone to a remote code-execution vulnerability that affects the 'KeyHelp.ocx' ActiveX control.Specifically, this issue affects the 'LaunchTriPane()' function which executes 'hh.exe' HTML Help executable file with customized command line parameters.
- Proficy Historian 4.5, 4.0, 3.5, and 3.1.Proficy HMI/SCADA 5.1 and 5.0, Proficy Pulse 1.0, Proficy Batch Execution 5.6, and SI7 I/O Driver between 7.20 and 7.42.