← Back to home
ICSA-22-053-02  ·  Published 2022-02-22  ·  View on CISA ICS-CERT ↗

GE Proficy CIMPLICITY-Cleartext

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to capture a connection session, resulting in disclosure of sensitive information.

CVEs (1)

Remediations

  • Users are advised to refer to the Secure Deployment Guide on how to configure communication encryption.
  • Users are encouraged to review the CIMPLICITY Windows Hardening Guide and Recommendations for further IPSEC configuration guidance found in the section titled “Appendix A IPSEC Configuration.”
  • Users are encouraged to contact a GE representative to obtain the latest versions of CIMPLICITY.

Affected Vendors

General Electric (GE)

Affected Products (1)

General Electric (GE) · Proficy CIMPLICITY vers:all/*

Affected Sectors

Multiple Sectors

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more