Known Vulnerabilities for products from Ge
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ge".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Ge can be found at device.report : Ge
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-5909 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-11-30 | 2023-12-06 |
| CVE-2023-5908 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.1 - CRITICAL | 2023-11-30 | 2023-12-06 |
| CVE-2023-4487 json | GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configurati... | 7.8 - HIGH | 2023-09-05 | 2023-09-09 |
| CVE-2023-3463 json | All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources a... | 9.8 - CRITICAL | 2023-07-19 | 2023-07-28 |
| CVE-2023-1552 json | ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or wh... | 7.8 - HIGH | 2023-04-11 | 2023-04-20 |
| CVE-2023-0898 json | General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the ... | 7.3 - HIGH | 2023-11-07 | 2023-11-14 |
| CVE-2023-0755 json | The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the ser... | 9.8 - CRITICAL | 2023-02-23 | 2023-11-07 |
| CVE-2023-0754 json | The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server ... | 9.8 - CRITICAL | 2023-02-23 | 2023-11-07 |
| CVE-2023-0598 json | GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection... | 9.8 - CRITICAL | 2023-03-16 | 2023-11-07 |
| CVE-2022-46732 json | Even if the authentication fails for local service authentication, the requested command could still execute regardless of au... | 9.8 - CRITICAL | 2023-01-18 | 2023-11-07 |
| CVE-2022-46660 json | An unauthorized user could alter or write files with full control over the path and content of the file. | 6.5 - MEDIUM | 2023-01-18 | 2023-11-07 |
| CVE-2022-46331 json | An unauthorized user could possibly delete any file on the system. | 8.1 - HIGH | 2023-01-18 | 2023-11-07 |
| CVE-2022-43977 json | An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. The debug port accessible via... | 9.8 - CRITICAL | 2023-01-17 | 2023-01-26 |
| CVE-2022-43976 json | An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. Direct acce... | 9.8 - CRITICAL | 2023-01-17 | 2023-01-26 |
| CVE-2022-43975 json | An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. A vulnerabi... | 7.5 - HIGH | 2023-01-17 | 2023-01-30 |
| CVE-2022-43494 json | An unauthorized user could be able to read any file on the system, potentially exposing sensitive information. | 6.5 - MEDIUM | 2023-01-18 | 2023-11-07 |
| CVE-2022-38469 json | An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords... | 7.5 - HIGH | 2023-01-18 | 2023-11-07 |
| CVE-2022-37953 json | An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (| 6.1 - MEDIUM
|
2022-08-25
|
2022-08-29
|
|
| CVE-2022-37952 json | A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (| 6.1 - MEDIUM
|
2022-08-25
|
2022-08-29
|
|
| CVE-2022-24120 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.6 - MEDIUM | 2022-12-26 | 2023-01-05 |