ICSA-22-326-04 · Published 2022-11-22 · View on CISA ICS-CERT ↗

GE CIMPLICITY

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could crash the device being accessed or allow arbitrary code execution.

CVE-2022-3084 CVE-2022-2952 CVE-2022-2948 CVE-2022-2002 CVE-2022-3092

GE recommends users refer to the CIMPLICITY Secure Deployment Guide (login required) for mitigations to the reported vulnerabilities. Specific sections to reference include Section 3.5 Projects and Section 4.2 CimView.
For more information about this issue, see the GE Digital Product Security Advisory (login required).
For further questions, users should contact GE.

General Electric (GE)

General Electric (GE) · CIMPLICITY <= 2022

Multiple

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.