3 matches found
CVE-2022-21798
CVE-2022-21798 affects GE Proficy CIMPLICITY (CIMPLICITY HMI/SCADA). The vulnerability is “cleartext transmission of credentials” inside the CIMPLICITY network, which can be spoofed to log in and make operational changes. CVSSv3.1 base score 9.8 (CRITICAL) with network access, low attack complexi...
CVE-2023-3463
Ge Digital CIMPLICITY is affected by a heap-based buffer overflow due to memory corruption from insufficient input validation. All CIMPLICITY versions are implicated when documents from untrusted sources are accepted, allowing issues such as out-of-bounds reads/writes, use-after-free, and buffer ...
CVE-2016-5787
CVE-2016-5787 affects GE Digital Proficy HMI/SCADA CIMPLICITY, prior to version 8.2 SIM 27. The root cause is improper handling of service DACLs, allowing a local user to modify the CIMPLICITY service configuration via unspecified vectors, enabling privilege elevation by tampering with the servic...