Vulnerabilities > GE > Cimplicity > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-05 CVE-2023-4487 Unspecified vulnerability in GE Cimplicity 2023
GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software.
local
low complexity
ge
7.8
2022-12-08 CVE-2022-3084 Unspecified vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code.
local
low complexity
ge
7.8
2022-12-08 CVE-2022-3092 Out-of-bounds Write vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code.
local
low complexity
ge CWE-787
7.8
2022-12-07 CVE-2022-2002 Unspecified vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.
local
low complexity
ge
7.8
2022-12-07 CVE-2022-2948 Unspecified vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.
local
low complexity
ge
7.8
2022-12-07 CVE-2022-2952 Unspecified vulnerability in GE Cimplicity
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.
local
low complexity
ge
7.8