GE Digital CIMPLICITY

Risk Summary

Successful exploitation of this vulnerability could allow an adversary to modify the systemwide CIMPLICITY configuration, leading to the arbitrary execution of code.

CVEs (1)

Remediations

• GE Digital CIMPLICITY v11.0, released January 2020, contains mitigation for this local privilege escalation vulnerability. GE Digital recommends all users upgrade to GE CIMPLICITY v11.0 or newer. Other recommendations may mitigate issues, but only installing the most current version will fully address the issue. To obtain the latest version of this product, please contact a GE Digital representative.
• GE Digital provides guidance for users to secure systems, and advises that users running CIMPLICITY adhere to the Secure Deployment Guide found on GE Digital's customer center (requires logon).

Affected Vendors

Affected Products (1)

Affected Sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water