Vulnerability Description
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.
CVSS Score
6.3
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge | Cimplicity | < 8.2 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/91727Broken LinkThird Party AdvisoryVDB Entry
- https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GPermissions RequiredVendor Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-16-194-02Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/91727Broken LinkThird Party AdvisoryVDB Entry
- https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GPermissions RequiredVendor Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-16-194-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2016-5787?
CVE-2016-5787 is a vulnerability with a CVSS score of 6.3 (MEDIUM). General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.
How severe is CVE-2016-5787?
CVE-2016-5787 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-5787?
Check the references section above for vendor advisories and patch information. Affected products include: Ge Cimplicity.