HIGH🇬🇧 English

CVE-2022-2002

CVSS 7.8v3.1pub. 2022-12-07upd. 2024-11-21

GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Ge Cimplicity

    APP
    Ge
    ≤ 2022
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEContainer
CWE
Referencje

Powiązane podatności

CVE-2018-15362CRITICAL9.1ten sam produkt

XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0

CVE-2023-4487HIGH7.8ten sam produkt

GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malici...

CVE-2022-3084HIGH7.8ten sam produkt

GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starti...

CVE-2022-3092HIGH7.8ten sam produkt

GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attac...

CVE-2022-2952HIGH7.8ten sam produkt

GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow star...

CVE-2022-2002 — HIGH 7.8 | CVEbaza.pl