Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GE Digital CIMPLICITY Heap-based Buffer Overflow
Vulnerability Description
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer overflows, uninitialized pointers, and a heap-based buffer overflow. Successful exploitation could allow an attacker to execute arbitrary code.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
GE CIMPLICITY 缓冲区错误漏洞
Vulnerability Description
GE CIMPLICITY是美国通用电气(GE)公司的一款基于客户端/服务器的HMI/SCADA解决方案。该解决方案能够在企业各个层级之间采集并共享实时和历史数据,实现过程、设备、资源监控的操作可视化。 GE Digital CIMPLICITY存在安全漏洞,该漏洞源于存在基于堆的缓冲区溢出漏洞。攻击者可利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A