65 matches found
EUVD-2014-0782
Malware in sbrugna...
EUVD-2018-7240
Malware in sbrugna...
EUVD-2016-10170
Malware in sbrugna...
GE Proficy Cimplicity 7.5 Directory Traversal
GE Proficy Cimplicity version 7.5 proof of concept directory traversal vulnerability that takes advantage of a flaw discovered in 2013. ============================================================================================================================================= | Title : GE Profic...
GE Proficy Cimplicity WebView Substitute.bcl Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'GE Proficy Cimplicity WebView substitute.bcl Directory Traversal', 'Description' = %q This module abuses a directory traversal in G...
The vulnerability of the MSO protocol implementation in the GE Proficy Historian industrial data management platform allows a perpetrator to gain access to read, modify, or delete files.
The vulnerability of the MSO protocol implementation in the GE Proficy Historian industrial data management platform is related to the unlimited loading of dangerous files. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to files by executing the...
The vulnerability of the GE Proficy Historian industrial data management platform, related to weak cryptography for passwords, allows attackers to gain unauthorized access to protected information.
The vulnerability of the GE Proficy Historian industrial data management platform is related to its weak cryptography for passwords. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on January 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...
PT-2023-1154 · Ge · Proficy Historian
Name of the Vulnerable Software and Affected Versions: GE Proficy Historian affected versions not specified Description: The issue is related to the implementation of the MSO protocol in the GE Proficy Historian platform, which allows for unlimited upload of dangerous file types. This could enabl...
PT-2023-1152 · Ge · Proficy Historian
Name of the Vulnerable Software and Affected Versions: GE Proficy Historian affected versions not specified Description: The issue is related to insufficient access control, allowing an unauthorized user to potentially delete any file on the system. It may enable a remote attacker to read, modify...
CVE-2022-21798 ICSA-22-053-02 GE Proficy CIMPLICITY-Cleartext
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system...
CVE-2022-23921 ICSA-22-053-01 GE Proficy CIMPLICITY-IPM
Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and t...
CVE-2018-15362
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...
Design/Logic Flaw
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...
CVE-2018-15362
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...
GE Proficy GDS
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: General Electric GE Equipment: Proficy GDS Vulnerability: XXE 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to initiate an OPC UA session and retrieve an...
Session fixation
An issue was discovered in General Electric GE Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. An attacker may be able to retrieve user passwords if he or she has acces...
GE Proficy HMI SCADA CIMPLICITY Local Privilege Vulnerability
GE Proficy HMI SCADA CIMPLICITY is a client/server based HMI/SCADA solution. A security vulnerability exists in GE Proficy HMI SCADA CIMPLICITY that allows a local attacker to exploit the vulnerability to elevate privileges...
GE Proficy HMI/SCADA CIMPLICITY 8.2 local mention the right vulnerability
No description provided by source...
GE Proficy HMI SCADA CIMPLICITY Privilege Management Vulnerability
OVERVIEW Zhou Yu of Acorn Network Security identified an improper privilege management vulnerability and recently released exploit code for the GE Proficy HMI/SCADA CIMPLICITY application without coordination with ICS-CERT, the vendor, or any other coordinating entity known to ICS-CERT. GE produc...