Lucene search
IcscertCVELIST:CVE-2022-2948HistoryDec 07, 2022 - 10:58 p.m.
CVE-2022-2948 GE CIMPLICITY Heap-based Buffer Overflow
2022-12-0722:58:15
CWE-122
icscert
www.cve.org
1
ge cimplicity
vulnerability
heap-based buffer overflow
arbitrary code
cve-2022-2948
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
30.5%
GE CIMPICITY versions 2022 and prior is
vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "CIMPLICITY",
"vendor": "GE",
"versions": [
{
"lessThanOrEqual": "v2022",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
GE CIMPLICITY HMI/SCADA Software Buffer Overflow Vulnerability
2022-11-25 00:00:00
cve
cve
CVE-2022-2948
2022-12-07 23:15:09
nvd
nvd
CVE-2022-2948
2022-12-07 23:15:09
prion
prion
Heap overflow
2022-12-07 23:15:00
ics
ics
GE CIMPLICITY
2022-11-22 12:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
30.5%
Related for CVELIST:CVE-2022-2948