Vulnerability CVE-2016-5787


Published: 2016-07-15

Description:
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
General electric -> Cimplicity 

 References:
https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-16-01
https://ics-cert.us-cert.gov/advisories/ICSA-16-194-02

Copyright 2024, cxsecurity.com

 

Back to Top