CVE-2016-5787
MEDIUMGeneral Electric GE Digital Proficy HMI/SCADA - CIMPLICITY <8.2 SIM...
Title source: llmDescription
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-194-02
Permissions Required, Vendor Advisory x_refsource_confirm
https://ge-ip.force.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-16-01
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/91727
Scores
CVSS v3
6.3
EPSS
0.0039
EPSS Percentile
31.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Details
CWE
CWE-668
Status
published
Products (2)
ge/cimplicity
8.2 sim1 (26 CPE variants)
ge/cimplicity
< 8.2
Published
Jul 15, 2016
Tracked Since
Feb 18, 2026