Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)

VN-2017-12


Vulnerability in multiple GE Proficy products
Severity Rating: Medium
System Affected:  
 
 
·         Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions,
·         Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and
·         Proficy Historian Version 6.0 and prior versions.
 
A vulnerability has been identified in multiple GE Proficy products. The vulnerability exists due to an unspecified condition in the affected software.
 
This vulnerability would allow an authenticated, local attacker to access sensitive information from a targeted device, such as a targeted user's password.

Successful exploitation of this vulnerability may allow an attacker to retrieve user passwords.
 
Source:
Solution
Users are advised to apply updates.
More information is available on:
Cisco
 
 
Vendor Information
GE
 
CVE Information
 
References
Cisco
 
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis