Cimplicity Security Vulnerabilities and Issues — Cimplicity CVE List

Lucene search

GeCimplicity

6 matches found

CVE•added 2023/09/05 11:15 p.m.•58 views

CVE-2023-4487

GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software.

7.8CVSS7.8AI score0.00031EPSS

CVE•added 2022/12/08 12:15 a.m.•50 views

CVE-2022-3084

GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code.

7.8CVSS7.8AI score0.00023EPSS

CVE•added 2022/12/08 12:15 a.m.•47 views

CVE-2022-3092

GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code.

7.8CVSS7.9AI score0.00023EPSS

CVE•added 2022/12/07 11:15 p.m.•46 views

CVE-2022-2002

GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.

7.8CVSS7.9AI score0.0002EPSS

CVE•added 2022/12/07 11:15 p.m.•45 views

CVE-2022-2952

GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.

7.8CVSS7.8AI score0.00057EPSS

CVE•added 2022/12/07 11:15 p.m.•42 views

CVE-2022-2948

GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.

7.8CVSS7.9AI score0.00021EPSS