Vulnerabilities > GE > Cimplicity > 6.1

DATE CVE VULNERABILITY TITLE RISK
2022-12-08 CVE-2022-3084 Unspecified vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code.
local
low complexity
ge
7.8
2022-12-08 CVE-2022-3092 Out-of-bounds Write vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code.
local
low complexity
ge CWE-787
7.8
2022-12-07 CVE-2022-2002 Unspecified vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.
local
low complexity
ge
7.8
2022-12-07 CVE-2022-2948 Unspecified vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.
local
low complexity
ge
7.8
2022-12-07 CVE-2022-2952 Unspecified vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.
local
low complexity
ge
7.8
2020-04-15 CVE-2020-6992 Improper Privilege Management vulnerability in GE Cimplicity
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior.
local
low complexity
ge CWE-269
6.7
2017-02-13 CVE-2016-9360 Insufficiently Protected Credentials vulnerability in GE Cimplicity
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions.
local
high complexity
ge CWE-522
6.7
2016-07-15 CVE-2016-5787 Exposure of Resource to Wrong Sphere vulnerability in GE Cimplicity
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.
local
low complexity
ge CWE-668
6.3