Vulnerabilities > GE > Cimplicity > 7.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-08 | CVE-2022-3084 | Unspecified vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2022-12-08 | CVE-2022-3092 | Out-of-bounds Write vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2022-12-07 | CVE-2022-2002 | Unspecified vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2022-12-07 | CVE-2022-2948 | Unspecified vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2022-12-07 | CVE-2022-2952 | Unspecified vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2020-04-15 | CVE-2020-6992 | Improper Privilege Management vulnerability in GE Cimplicity A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. | 6.7 |
| 2017-02-13 | CVE-2016-9360 | Insufficiently Protected Credentials vulnerability in GE Cimplicity An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. | 6.7 |
| 2016-07-15 | CVE-2016-5787 | Exposure of Resource to Wrong Sphere vulnerability in GE Cimplicity General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors. | 6.3 |