CVE-2022-2002 GE CIMPLICITY Untrusted Pointer Dereference

GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code...

CVE-2022-2002

CVE-2022-2002 affects GE CIMPLICITY (versions 2022 and prior). The issue is an untrusted pointer dereference in gmmiObj!CGmmiOptionContainer that could allow arbitrary code execution. The CVSS v3.1 base score is 7.8 (HIGH), with LOCAL attack vector and user interaction required. Public exploitati...