Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GE Digital CIMPLICITY Process Control
Vulnerability Description
GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
流程控制
Vulnerability Title
GE CIMPLICITY 安全漏洞
Vulnerability Description
GE CIMPLICITY是美国通用电气(GE)公司的一款基于客户端/服务器的HMI/SCADA解决方案。该解决方案能够在企业各个层级之间采集并共享实时和历史数据,实现过程、设备、资源监控的操作可视化。 GE CIMPLICITY 2023 存在安全漏洞,该漏洞源于存在一个过程控制漏洞,该漏洞可能允许本地攻击者在预期的 Web 服务器执行路径中插入恶意配置文件,以提升权限并获得对 HMI 软件的完全控制。
CVSS Information
N/A
Vulnerability Type
N/A