Lucene search
K

35 matches found

Zero Day Initiative
Zero Day Initiative
added 2022/09/29 12:0 a.m.12 views

(0Day) GE CIMPLICITY CIM File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE CIMPLICITY. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CIM...

7.8CVSS6.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2022/09/29 12:0 a.m.12 views

(0Day) GE CIMPLICITY CIM File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE CIMPLICITY. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CIM...

7.8CVSS6.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2022/09/29 12:0 a.m.11 views

(0Day) GE CIMPLICITY CIM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE CIMPLICITY. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CIM...

7.8CVSS6.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2022/09/29 12:0 a.m.12 views

(0Day) GE CIMPLICITY CIM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE CIMPLICITY. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CIM...

7.8CVSS5.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2022/09/29 12:0 a.m.15 views

(0Day) GE CIMPLICITY CIM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE CIMPLICITY. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CIM...

7.8CVSS4.8AI score
Exploits0
Cvelist
Cvelist
added 2020/04/15 4:39 p.m.14 views

CVE-2020-6992

A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an...

6.7AI score0.00376EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/09 12:0 a.m.4 views

GE CIMPLICITY Stack Buffer Overflow Vulnerability

GE CIMPLICITY is an HMI software. GE CIMPLICITY suffers from a stack buffer overflow vulnerability that could be exploited by a remote attacker to submit a special request to crash the application or execute arbitrary code...

6.8CVSS7.2AI score0.0075EPSS
Exploits0References1
OSV
OSV
added 2017/10/05 9:29 p.m.4 views

CVE-2017-12732

A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allowing a buffer overwrite that could lead to an arbitrary remote code execution...

6.8CVSS6.4AI score0.0075EPSS
Exploits0References2
NVD
NVD
added 2017/10/05 9:29 p.m.19 views

CVE-2017-12732

A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allowing a buffer overwrite that could lead to an arbitrary remote code execution...

6.8CVSS7.1AI score0.0075EPSS
Exploits0References2
Prion
Prion
added 2017/10/05 9:29 p.m.16 views

Stack overflow

A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allowing a buffer overwrite that could lead to an arbitrary remote code execution...

4.9CVSS7.1AI score0.0075EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/10/05 9:0 p.m.21 views

CVE-2017-12732

A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allowing a buffer overwrite that could lead to an arbitrary remote code execution...

7.1AI score0.0075EPSS
Exploits0References2
CVE
CVE
added 2017/10/05 9:0 p.m.44 views

CVE-2017-12732

GE CIMPLICITY (HMI/SCADA) is affected by a Stack-based Buffer Overflow in CIMPLICITY versions 9.0 and prior. A function that reads the next packet length does not verify the length, allowing a buffer overwrite and potential arbitrary remote code execution (and device crash). Impact is described a...

6.8CVSS7.1AI score0.0075EPSS
Exploits0References2Affected Software1
ICS
ICS
added 2017/10/05 12:0 a.m.38 views

GE CIMPLICITY

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GE Equipment: CIMPLICITY Vulnerability: Stack-based Buffer Overflow AFFECTED PRODUCTS The following versions of CIMPLICITY, an HMI/SCADA management platform, are affected: CIMPLICITY Versions 9.0 and prior. IMPACT...

6.8CVSS1AI score0.0075EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2013/04/09 12:0 a.m.15 views

GE Cimplicity HMI/SCADA Server Detection

Binary data 6749.prm...

7.3AI score
Exploits0References1
ICS
ICS
added 2013/03/22 6:0 a.m.50 views

GE Proficy HMI/SCADA CIMPLICITY WebView Improper Input Validation

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on June 19, 2013, and is now being released to the ICS-CERT-Web page. Independent researchers ZombiE and amisto0x07 have identified an improper input validation vulnerability in the GE CIMPLICITY WebView application...

9.3CVSS7.5AI score0.03769EPSS
Exploits0References10
Rows per page
Query Builder