This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target...
7.8CVSS
7.8AI Score
0.0004EPSS
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of...
7.1CVSS
7.3AI Score
0.0004EPSS
Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication...
9.8CVSS
9.5AI Score
0.002EPSS
An unauthorized user could be able to read any file on the system, potentially exposing sensitive...
6.5CVSS
6.8AI Score
0.001EPSS
8.1CVSS
8.5AI Score
0.001EPSS
An unauthorized user could alter or write files with full control over the path and content of the...
6.5CVSS
7AI Score
0.001EPSS
An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and...
7.5CVSS
7.8AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions), SIMATIC Process Historian 2014 (All versions < SP3 Update 6), SIMATIC Process Historian 2019 (All versions), SIMATIC Process Historian 2020 (All versions). An interface in the software that is used....
8.1CVSS
7.8AI Score
0.001EPSS
7.5CVSS
8.1AI Score
0.001EPSS
Improper handling of exceptional conditions in SuiteLink server while processing command...
7.5CVSS
8.1AI Score
0.001EPSS
7.5CVSS
8.1AI Score
0.001EPSS
7.5CVSS
8.1AI Score
0.001EPSS
9.8CVSS
9.7AI Score
0.002EPSS
7.5CVSS
8.1AI Score
0.001EPSS
In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled...
9.8CVSS
7.4AI Score
0.003EPSS
An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high...
8.8CVSS
8.2AI Score
0.006EPSS
In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the...
8.8CVSS
8.3AI Score
0.005EPSS
Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted...
8.8CVSS
8AI Score
0.001EPSS
In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file.....
9.8CVSS
8.6AI Score
0.002EPSS
A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. An attacker might use this flaw to make it crash or even execute arbitrary code on the machine where the service is...
9.8CVSS
8.2AI Score
0.008EPSS
In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs...
7.8CVSS
8.4AI Score
0.0004EPSS
In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a...
7CVSS
7.1AI Score
0.0004EPSS
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. An attacker may be able to retrieve user passwords if he or she has...
6.7CVSS
6.3AI Score
0.001EPSS