ICSA-23-017-01 · Published 2023-01-17 · View on CISA ICS-CERT ↗

GE Digital Proficy Historian

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could crash the device after access, cause a buffer overflow condition, and allow remote code execution.

CVEs (5)

CVE-2022-46732 CVE-2022-46660 CVE-2022-43494 CVE-2022-46331 CVE-2022-38469

Remediations

GE Digital released Proficy Historian 2023 to mitigate these vulnerabilities. SIMs have also been released for all affected versions.
Users can find out more about the vulnerabilities, how to obtain, and install the updates by visiting this notification document from GE Digital.

Affected Vendors

GE Digital

Affected Products (1)

GE Digital · Proficy Historian >= v7.0

Affected Sectors

Multiple Industries

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more