HIGH🇵🇱 Wersja polska

CVE-2022-2952

CVSS 7.8v3.1pub. 2022-12-07upd. 2024-11-21

GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Ge Cimplicity

    APP
    Ge
    ≤ 2022
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEContainer
CWE
References

Related vulnerabilities

CVE-2018-15362CRITICAL9.1ten sam produkt

XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0

CVE-2023-4487HIGH7.8ten sam produkt

GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malici...

CVE-2022-3084HIGH7.8ten sam produkt

GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starti...

CVE-2022-3092HIGH7.8ten sam produkt

GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attac...

CVE-2022-2002HIGH7.8ten sam produkt

GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow star...