threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ge cimplicity
Product
ge cimplicity
13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-4487
all versions
GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration fil
7.8
HIGH
CVE-2023-3463
all versions
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vul
6.6
MEDIUM
CVE-2022-3092
<= 2022
GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbit
7.8
HIGH
CVE-2022-3084
<= 2022
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiR
7.8
HIGH
CVE-2022-2952
<= 2022
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmm
7.8
HIGH
CVE-2022-2948
<= 2022
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arb
7.8
HIGH
CVE-2022-2002
<= 2022
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmm
7.8
HIGH
CVE-2022-21798
all versions
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easil
7.5
HIGH
CVE-2020-6992
<= 10.0
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If
6.7
MEDIUM
CVE-2018-15362
all versions
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0
9.1
CRITICAL
CVE-2016-9360
<= 9.0
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA C
6.7
MEDIUM
CVE-2016-5787
< 8.2
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users
6.3
MEDIUM
CVE-2008-0176
<= 6.1_sp6_hf_010708_162517_6106
Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin