Vulnerabilities > GE > Ifix > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-18 | CVE-2019-18243 | Incorrect Permission Assignment for Critical Resource vulnerability in GE Ifix HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. | 5.5 |
| 2021-02-18 | CVE-2019-18255 | Incorrect Permission Assignment for Critical Resource vulnerability in GE Ifix HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. | 5.5 |
| 2018-10-10 | CVE-2018-17925 | Unspecified vulnerability in GE Ifix Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. | 4.8 |
| 2017-02-13 | CVE-2016-9360 | Insufficiently Protected Credentials vulnerability in GE Cimplicity An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. | 6.7 |