ID
VAR-E-201607-0413
CVE
cve_id: | CVE-2016-5787 | Trust: 0.3 |
sources:
BID: 91727
TITLE
GE Proficy HMI SCADA CIMPLICITY CVE-2016-5787 Local Privilege Escalation Vulnerability
Trust: 0.3
sources:
BID: 91727
DESCRIPTION
GE Proficy HMI SCADA CIMPLICITY is prone to a local privilege escalation vulnerability.
An attacker can exploit this vulnerability to gain elevated privileges. This may aid in further attacks.
GE Proficy HMI SCADA CIMPLICITY 8.2 SIM 26 and prior are vulnerable.
Trust: 0.3
sources:
BID: 91727
AFFECTED PRODUCTS
vendor: | general | model: | electric proficy hmi/scada cimplicity sim | scope: | eq | version: | -8.226 | Trust: 0.3 |
vendor: | general | model: | electric proficy hmi/scada cimplicity sim | scope: | eq | version: | -8.219 | Trust: 0.3 |
vendor: | general | model: | electric proficy hmi/scada cimplicity | scope: | eq | version: | -8.2 | Trust: 0.3 |
vendor: | general | model: | electric proficy hmi/scada cimplicity sim | scope: | ne | version: | -8.227 | Trust: 0.3 |
sources:
BID: 91727
EXPLOIT
An attacker can exploit this issue by gaining local interactive access.
Trust: 0.3
sources:
BID: 91727
PRICE
Free
Trust: 0.3
sources:
BID: 91727
TYPE
Design Error
Trust: 0.3
sources:
BID: 91727
CREDITS
Zhou Yu of Acorn Network Security.
Trust: 0.3
sources:
BID: 91727
EXTERNAL IDS
db: | ICS CERT | id: | ICSA-16-194-02 | Trust: 0.3 |
db: | NVD | id: | CVE-2016-5787 | Trust: 0.3 |
db: | BID | id: | 91727 | Trust: 0.3 |
sources:
BID: 91727
REFERENCES
url: | http://www.ge-ip.com/ | Trust: 0.3 |
url: | https://ics-cert.us-cert.gov/advisories/icsa-16-194-02 | Trust: 0.3 |
sources:
BID: 91727
SOURCES
db: | BID | id: | 91727 |
LAST UPDATE DATE
2022-07-27T09:42:31.444000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 91727 | date: | 2016-07-12T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 91727 | date: | 2016-07-12T00:00:00 |