Vulnerabilities > CVE-2016-5787 - Exposure of Resource to Wrong Sphere vulnerability in GE Cimplicity

047910
CVSS 6.3 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
LOW
local
low complexity
ge
CWE-668

Summary

General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.

Common Weakness Enumeration (CWE)