ID

VAR-201607-0454


CVE

CVE-2016-5787


TITLE

General Electric Digital Proficy HMI/SCADA - CIMPLICITY Vulnerability in changing service settings

Trust: 0.8

sources: JVNDB: JVNDB-2016-003795

DESCRIPTION

General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors. Supplementary information: the vulnerability type has been identified as CWE-284: Improper Access Control. http://cwe.mitre.org/data/definitions/284.html Service settings may be changed by local users. GE Proficy HMI SCADA CIMPLICITY is a client/server based HMI/SCADA solution. GE Proficy HMI SCADA CIMPLICITY has a security vulnerability that allows a local attacker to elevate privileges. This may aid in further attacks. GE Proficy HMI SCADA CIMPLICITY 8.2 SIM 26 and prior are vulnerable.

Trust: 2.61

sources: NVD: CVE-2016-5787 // JVNDB: JVNDB-2016-003795 // CNVD: CNVD-2016-04901 // BID: 91727 // IVD: e48555af-f166-4a94-bc44-f644c9893996

IOT TAXONOMY

category: ['ICS'] // sub_category: -

Trust: 0.8

sources: IVD: e48555af-f166-4a94-bc44-f644c9893996 // CNVD: CNVD-2016-04901

AFFECTED PRODUCTS

vendor: ge // model: cimplicity // scope: eq // version: 8.2

Trust: 1.0

vendor: ge // model: cimplicity // scope: lt // version: 8.2

Trust: 1.0

vendor: general electric // model: proficy hmi/scada - cimplicity // scope: lt // version: 8.2 sim 27

Trust: 0.8

vendor: ge // model: cimplicity sim // scope: lt // version: 8.227

Trust: 0.6

vendor: general electric // model: cimplicity // scope: eq // version: 8.2

Trust: 0.6

vendor: general // model: electric proficy hmi/scada cimplicity sim // scope: eq // version: -8.226

Trust: 0.3

vendor: general // model: electric proficy hmi/scada cimplicity sim // scope: eq // version: -8.219

Trust: 0.3

vendor: general // model: electric proficy hmi/scada cimplicity // scope: eq // version: -8.2

Trust: 0.3

vendor: general // model: electric proficy hmi/scada cimplicity sim // scope: ne // version: -8.227

Trust: 0.3

vendor: cimplicity // model: - // scope: eq // version: *

Trust: 0.2

sources: IVD: e48555af-f166-4a94-bc44-f644c9893996 // CNVD: CNVD-2016-04901 // BID: 91727 // JVNDB: JVNDB-2016-003795 // CNNVD: CNNVD-201607-339 // NVD: CVE-2016-5787

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-5787
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-5787
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2016-04901
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201607-339
value: MEDIUM

Trust: 0.6

IVD: e48555af-f166-4a94-bc44-f644c9893996
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2016-5787
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-04901
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e48555af-f166-4a94-bc44-f644c9893996
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2016-5787
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.0
impactScore: 3.7
version: 3.1

Trust: 1.0

NVD: CVE-2016-5787
baseSeverity: MEDIUM
baseScore: 5.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: e48555af-f166-4a94-bc44-f644c9893996 // CNVD: CNVD-2016-04901 // JVNDB: JVNDB-2016-003795 // CNNVD: CNNVD-201607-339 // NVD: CVE-2016-5787

PROBLEMTYPE DATA

problemtype:CWE-668

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2016-003795 // NVD: CVE-2016-5787

THREAT TYPE

local

Trust: 0.9

sources: BID: 91727 // CNNVD: CNNVD-201607-339

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201607-339

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-003795

PATCH

title: GED 16-01 // url: https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-16-01

Trust: 0.8

title: Patch for GE Proficy HMI SCADA CIMPLICITY Local Elevation of Privilege Vulnerability // url: https://www.cnvd.org.cn/patchInfo/show/79099

Trust: 0.6

title: GE Proficy HMI SCADA CIMPLICITY Remedial measures for local privilege escalation // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62916

Trust: 0.6

sources: CNVD: CNVD-2016-04901 // JVNDB: JVNDB-2016-003795 // CNNVD: CNNVD-201607-339

EXTERNAL IDS

db: NVD // id: CVE-2016-5787

Trust: 3.5

db: ICS CERT // id: ICSA-16-194-02

Trust: 2.7

db: BID // id: 91727

Trust: 2.5

db: CNVD // id: CNVD-2016-04901

Trust: 0.8

db: CNNVD // id: CNNVD-201607-339

Trust: 0.8

db: JVNDB // id: JVNDB-2016-003795

Trust: 0.8

db: IVD // id: E48555AF-F166-4A94-BC44-F644C9893996

Trust: 0.2

sources: IVD: e48555af-f166-4a94-bc44-f644c9893996 // CNVD: CNVD-2016-04901 // BID: 91727 // JVNDB: JVNDB-2016-003795 // CNNVD: CNNVD-201607-339 // NVD: CVE-2016-5787

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-16-194-02

Trust: 2.7

url:http://www.securityfocus.com/bid/91727

Trust: 1.6

url:https://ge-ip.force.com/communities/en_us/article/ge-digital-security-advisory-ged-16-01

Trust: 1.6

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5787

Trust: 1.4

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5787

Trust: 0.8

url:http://www.ge-ip.com/

Trust: 0.3

sources: CNVD: CNVD-2016-04901 // BID: 91727 // JVNDB: JVNDB-2016-003795 // CNNVD: CNNVD-201607-339 // NVD: CVE-2016-5787

CREDITS

Zhou Yu of Acorn Network Security.

Trust: 0.9

sources: BID: 91727 // CNNVD: CNNVD-201607-339

SOURCES

db: IVD // id: e48555af-f166-4a94-bc44-f644c9893996
db: CNVD // id: CNVD-2016-04901
db: BID // id: 91727
db: JVNDB // id: JVNDB-2016-003795
db: CNNVD // id: CNNVD-201607-339
db: NVD // id: CVE-2016-5787

LAST UPDATE DATE

2025-04-12T23:25:45.959000+00:00


SOURCES UPDATE DATE

db: CNVD // id: CNVD-2016-04901 // date: 2016-07-18T00:00:00
db: BID // id: 91727 // date: 2016-07-12T00:00:00
db: JVNDB // id: JVNDB-2016-003795 // date: 2016-07-25T00:00:00
db: CNNVD // id: CNNVD-201607-339 // date: 2022-02-07T00:00:00
db: NVD // id: CVE-2016-5787 // date: 2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db: IVD // id: e48555af-f166-4a94-bc44-f644c9893996 // date: 2016-07-18T00:00:00
db: CNVD // id: CNVD-2016-04901 // date: 2016-07-18T00:00:00
db: BID // id: 91727 // date: 2016-07-12T00:00:00
db: JVNDB // id: JVNDB-2016-003795 // date: 2016-07-25T00:00:00
db: CNNVD // id: CNNVD-201607-339 // date: 2016-07-14T00:00:00
db: NVD // id: CVE-2016-5787 // date: 2016-07-15T16:59:11.423