Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ge cimplicity vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-21798
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system.
Ge Cimplicity
7.8
CVSSv3
CVE-2022-2952
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
6.7
CVSSv3
CVE-2020-6992
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only ex...
Ge Cimplicity
1 Github repository
9.8
CVSSv3
CVE-2023-3463
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, st...
Ge Cimplicity
7.8
CVSSv3
CVE-2022-3092
GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
7.8
CVSSv3
CVE-2022-2002
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
7.8
CVSSv3
CVE-2022-2948
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
7.8
CVSSv3
CVE-2023-4487
GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local malicious user to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software.
Ge Cimplicity 2023
NA
CVE-2008-0176
Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 prior to 7.0 SIM 9, and previous versions versions prior to 6.1 SP6 Hot fix - 010708_162517_6106, allow remote malicious users to execute arbitrary code via unknown vectors.
Ge Fanuc Cimplicity
NA
CVE-2013-2811
The (1) Catapult DNP3 I/O driver prior to 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver prior to 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow remote malicious us...
Ge Intelligent Platforms Proficy Dnp3 I\\/o Driver 7.20
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 4.01
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 7.5
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.0
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.1
Ge Intelligent Platforms Proficy Hmi\\/scada Cimplicity 8.2
Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.0
Catapultsoftware Catapult Dnp3 I\\/o Driver
Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.1
Ge Intelligent Platforms Proficy Dnp3 I\\/o Driver
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »