Vulnerability in multiple GE Proficy products
Severity Rating: Medium
· Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions,
· Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and
· Proficy Historian Version 6.0 and prior versions.
A vulnerability has been identified in multiple GE Proficy products. The vulnerability exists due to an unspecified condition in the affected software.
This vulnerability would allow an authenticated, local attacker to access sensitive information from a targeted device, such as a targeted user's password.
Successful exploitation of this vulnerability may allow an attacker to retrieve user passwords.
Users are advised to apply updates.
More information is available on:
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street