Vulnerabilities > CVE-2016-5787 - Exposure of Resource to Wrong Sphere vulnerability in GE Cimplicity
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
LOW Summary
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 32 |
Common Weakness Enumeration (CWE)
References
- http://www.securityfocus.com/bid/91727
- http://www.securityfocus.com/bid/91727
- https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-16-01
- https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-16-01
- https://ics-cert.us-cert.gov/advisories/ICSA-16-194-02
- https://ics-cert.us-cert.gov/advisories/ICSA-16-194-02