CVE-2023-4487 — CVSS 7.8 (high): GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the…
CVE-2022-2002 — CVSS 7.8 (high): GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContain…
CVE-2022-2948 — CVSS 7.8 (high): GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.
CVE-2022-2952 — CVSS 7.8 (high): GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionConta…
CVE-2022-3084 — CVSS 7.8 (high): GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionT…
CVE-2022-3092 — CVSS 7.8 (high): GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code.
CVE-2022-21798 — CVSS 7.5 (high): The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed…
CVE-2016-9360 — CVSS 6.7 (medium): An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY…
CVE-2020-6992 — CVSS 6.7 (medium): A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If…
CVE-2023-3463 — CVSS 6.6 (medium): All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable…
CVE-2016-5787 — CVSS 6.3 (medium): General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify…