CVE-2016-5787 Information
Feb 14, 2021
cve
Description
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs which allows local users to modify a service configuration via unspecified vectors.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Reference
http://www.securityfocus.com/bid/91727 https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-16-01 https://ics-cert.us-cert.gov/advisories/ICSA-16-194-02
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
LOW
Base Severity
5.7
Share on: