162 matches found
CVE-2022-21798
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system...
Privilege escalation
Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and t...
Code injection
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system...
CVE-2022-21798 ICSA-22-053-02 GE Proficy CIMPLICITY-Cleartext
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system...
CVE-2022-21798
CVE-2022-21798 affects GE Proficy CIMPLICITY (CIMPLICITY HMI/SCADA). The vulnerability is “cleartext transmission of credentials” inside the CIMPLICITY network, which can be spoofed to log in and make operational changes. CVSSv3.1 base score 9.8 (CRITICAL) with network access, low attack complexi...
CVE-2022-21798 ICSA-22-053-02 GE Proficy CIMPLICITY-Cleartext
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system...
CVE-2022-23921 ICSA-22-053-01 GE Proficy CIMPLICITY-IPM
Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and t...
CVE-2022-23921 ICSA-22-053-01 GE Proficy CIMPLICITY-IPM
Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and t...
CVE-2022-23921
CVE-2022-23921 affects GE Proficy CIMPLICITY-IPM. Root cause: improper privilege management (CWE-269) leading to local privilege escalation and code execution. Exploitation requires local access: attacker must log in to a CIMPLICITY machine where the CIMPLICITY server is not running a project and...
GE Proficy CIMPLICITY-Cleartext
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to capture a...
GE Proficy CIMPLICITY-IPM 安全漏洞
GE Proficy CIMPLICITY-IPM is GE's for local and cloud storage and analytics. GE Proficy CIMPLICITY-IPM has a security vulnerability, the exploitation of which could lead to local elevation of privilege and code execution.GE maintains that it is only possible for an attacker to log in to access a...
General Electric Proficy Cimplicity 安全漏洞
General Electric Proficy Cimplicity Ge Proficy Cimplicity is a client/server based Hmi/Scada solution from General Electric, USA. It is used to collect and share real-time and historical data at all business levels and provide actionable visibility to monitor and control plant processes, equipmen...
GE Proficy CIMPLICITY-IPM
1. EXECUTIVE SUMMARY CVSS v3 7.5 Vendor: GE Equipment: Proficy CIMPLICITY Vulnerability: Improper Privilege Management 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve both code execution and local privilege escalation. 3. TECHNICAL DETAILS 3.1...
The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY, due to lack of access control mechanisms, allows attackers to execute arbitrary code or escalate their privileges.
The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to execute arbitrary code or enhance their privileges...
CVE-2020-6992
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an...
CVE-2020-6992
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an...
Privilege escalation
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an...
CVE-2020-6992
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an...
CVE-2020-6992
GE Digital CIMPLICITY HMI/SCADA vulnerability CVE-2020-6992 affects CIMPLICITY v10.0 and earlier. It is a local privilege escalation (CWE-269) that requires an authenticated session to modify the system and arbitrarily execute code. Affected component: CIMPLICITY HMI/SCADA software; root cause is...
GE CIMPLICITY Elevation of Privilege Vulnerability
GE CIMPLICITY is a client/server based HMI/SCADA solution from General Electric GE. The solution is capable of capturing and sharing real-time and historical data across all levels of the enterprise, enabling operational visualization of processes, equipment, and resource monitoring. An elevation...