← Back to home
ICSA-17-278-01A  ·  Published 2017-10-10  ·  View on CISA ICS-CERT ↗

GE CIMPLICITY (Update A)

CVSS 6.8 MEDIUM

Risk Summary

ATTENTION: Remotely exploitable/low skill level to exploit.

CVEs (1)

Remediations

  • GE has released CIMPLICITY software Version 9.5 and they recommend that users update to that version or the latest version. The Series 90 TCP/IP communications support has been deprecated and users are encouraged to use the “convert to triplex” application tool, which has been available since CIMPLICITY Version 6.1, to obtain communication support if needed. Documentation and information on procedures, as well as the upgrade to Version 9.5, can be located at the following location (login required):

Affected Vendors

General Electric (GE)

Affected Products (1)

General Electric (GE) · CIMPLICITY <= 9.0

Affected Sectors

Chemical, Critical Manufacturing, Dams, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more