GE General Electric
Products by GE Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2024 there have been 0 vulnerabilities in GE. Last year GE had 16 security vulnerabilities published. Right now, GE is on track to have fewer security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 16 | 8.50 |
2022 | 11 | 7.55 |
2021 | 2 | 5.50 |
2020 | 5 | 7.16 |
2019 | 5 | 7.76 |
2018 | 5 | 7.86 |
It may take a day or so for new GE vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent GE Security Vulnerabilities
KEPServerEX is vulnerable to a buffer overflow which may
CVE-2023-5908
9.1 - Critical
- November 30, 2023
KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.
Classic Buffer Overflow
KEPServerEX does not properly validate certificates from clients which may
CVE-2023-5909
7.5 - High
- November 30, 2023
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.
Improper Certificate Validation
General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application.
CVE-2023-0898
7.3 - High
- November 07, 2023
General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application.
DLL preloading
GE CIMPLICITY 2023 is affected by a process control vulnerability, which could
CVE-2023-4487
7.8 - High
- September 05, 2023
GE CIMPLICITY 2023 is affected by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software.
Process Control
All versions of GE Digital CIMPLICITY
CVE-2023-3463
9.8 - Critical
- July 19, 2023
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer overflows, uninitialized pointers, and a heap-based buffer overflow. Successful exploitation could allow an attacker to execute arbitrary code.
Memory Corruption
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability
CVE-2023-1552
7.8 - High
- April 11, 2023
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an untrusted configuration file. Two CVSS scores have been provided to capture the differences between the two aforementioned attack vectors. Customers are advised to update to ToolboxST 7.10 which can be found in ControlST 7.10. If unable to update at this time customers should ensure they are following the guidance laid out in GE Gas Power's Secure Deployment Guide (GEH-6839). Customers should ensure they are not running ToolboxST as an Administrative user.
Marshaling, Unmarshaling
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0
CVE-2022-2825
9.8 - Critical
- March 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-18411.
Stack Overflow
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0
CVE-2022-2848
9.1 - Critical
- March 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-16486.
Heap-based Buffer Overflow
GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may
CVE-2023-0598
9.8 - Critical
- March 16, 2023
GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may allow an attacker to insert malicious configuration files in the expected web server execution path and gain full control of the HMI software.
Code Injection
The affected products are vulnerable to an integer overflow or wraparound, which could
CVE-2023-0754
9.8 - Critical
- February 23, 2023
The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server and remotely execute arbitrary code.
Integer Overflow or Wraparound
The affected products are vulnerable to an improper validation of array index, which could
CVE-2023-0755
9.8 - Critical
- February 23, 2023
The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.
out-of-bounds array index
An unauthorized user with network access and the decryption key could decrypt sensitive data
CVE-2022-38469
7.5 - High
- January 18, 2023
An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords.
Insufficiently Protected Credentials
An unauthorized user could be able to read any file on the system
CVE-2022-43494
6.5 - Medium
- January 18, 2023
An unauthorized user could be able to read any file on the system, potentially exposing sensitive information.
An unauthorized user could possibly delete any file on the system.
CVE-2022-46331
8.1 - High
- January 18, 2023
An unauthorized user could possibly delete any file on the system.
An unauthorized user could alter or write files with full control over the path and content of the file.
CVE-2022-46660
6.5 - Medium
- January 18, 2023
An unauthorized user could alter or write files with full control over the path and content of the file.
Unrestricted File Upload
Even if the authentication fails for local service authentication
CVE-2022-46732
9.8 - Critical
- January 18, 2023
Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status.
Authentication Bypass Using an Alternate Path or Channel
GE CIMPLICITY versions 2022 and prior are vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could
CVE-2022-3084
7.8 - High
- December 08, 2022
GE CIMPLICITY versions 2022 and prior are vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code.
Access of Uninitialized Pointer
GE CIMPLICITY versions 2022 and prior are vulnerable to an out-of-bounds write, which could
CVE-2022-3092
7.8 - High
- December 08, 2022
GE CIMPLICITY versions 2022 and prior are vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code.
Memory Corruption
GE CIMPLICITY versions 2022 and prior are vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could
CVE-2022-2002
7.8 - High
- December 07, 2022
GE CIMPLICITY versions 2022 and prior are vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.
Untrusted Pointer Dereference
GE CIMPLICITY versions 2022 and prior are vulnerable to a heap-based buffer overflow, which could
CVE-2022-2948
7.8 - High
- December 07, 2022
GE CIMPLICITY versions 2022 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.
Heap-based Buffer Overflow
GE CIMPLICITY versions 2022 and prior are vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could
CVE-2022-2952
7.8 - High
- December 07, 2022
GE CIMPLICITY versions 2022 and prior are vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.
Access of Uninitialized Pointer
An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could
CVE-2022-37953
6.1 - Medium
- August 25, 2022
An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an attacker to compromise a victim's browser/session. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater.
A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) and could
CVE-2022-37952
6.1 - Medium
- August 25, 2022
A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) and could allow an attacker to compromise a victim's browser. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater.
XSS
GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability using the DTD parameter entities technique
CVE-2021-44477
7.5 - High
- March 25, 2022
GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band (OOB) attack. The vulnerability is triggered when input passed to the XML parser is not sanitized while parsing the XML project/template file.
XXE
GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials
CVE-2021-27430
6.8 - Medium
- March 23, 2022
GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. Additionally, a user with physical access to the UR IED can interrupt the boot sequence by rebooting the UR.
Use of Hard-coded Credentials
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network
CVE-2022-21798
9.8 - Critical
- February 25, 2022
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system.
Cleartext Transmission of Sensitive Information
Exploitation of this vulnerability may result in local privilege escalation and code execution
CVE-2022-23921
7.8 - High
- February 25, 2022
Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and the server is licensed for multiple projects.
Improper Privilege Management
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry
CVE-2019-18243
5.5 - Medium
- February 18, 2021
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation.
Incorrect Permission Assignment for Critical Resource
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects
CVE-2019-18255
5.5 - Medium
- February 18, 2021
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. This may allow privilege escalation.
Incorrect Permission Assignment for Critical Resource
GE Digital APM Classic, Versions 4.4 and prior
CVE-2020-16244
7.2 - High
- September 23, 2020
GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw, along with the IDOR vulnerability, puts the entire platform at high risk because an authenticated user can retrieve all user account data and then retrieve the actual passwords.
GE Digital APM Classic, Versions 4.4 and prior
CVE-2020-16240
5.3 - Medium
- September 23, 2020
GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference (IDOR) vulnerability allows user account data to be downloaded in JavaScript object notation (JSON) format by users who should not have access to such functionality. An attacker can download sensitive data related to user accounts without having the proper privileges.
Insecure Direct Object Reference / IDOR
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior
CVE-2020-6992
6.7 - Medium
- April 15, 2020
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an attacker has access to an authenticated session. GE Digital CIMPLICITY v11.0, released January 2020, contains mitigation for this local privilege escalation vulnerability. GE Digital recommends all users upgrade to GE CIMPLICITY v11.0 or newer.
Improper Privilege Management
GE Mark VIe Controller has an unsecured Telnet protocol
CVE-2019-13554
8.8 - High
- April 07, 2020
GE Mark VIe Controller has an unsecured Telnet protocol that may allow a user to create an authenticated session using generic default credentials. GE recommends that users disable the Telnet service.
AuthZ
GE Mark VIe Controller is shipped with pre-configured hard-coded credentials that may allow root-user access to the controller
CVE-2019-13559
7.8 - High
- April 07, 2020
GE Mark VIe Controller is shipped with pre-configured hard-coded credentials that may allow root-user access to the controller. A limited application of the affected product may ship without setup and configuration instructions immediately available to the end user. The bulk of controllers go into applications requiring the GE commissioning engineer to change default configurations during the installation process. GE recommends that users reset controller passwords during installation in the operating environment.
Use of Hard-coded Credentials
GE Communicator, all versions prior to 4.0.517
CVE-2019-6546
7.8 - High
- May 09, 2019
GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements.
DLL preloading
GE Communicator, all versions prior to 4.0.517
CVE-2019-6566
7.8 - High
- May 09, 2019
GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to the system.
Authorization
GE Communicator, all versions prior to 4.0.517
CVE-2019-6564
7.8 - High
- May 09, 2019
GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade.
DLL preloading
GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may
CVE-2019-6548
9.8 - Critical
- May 09, 2019
GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.
Use of Hard-coded Credentials
GE Communicator, all versions prior to 4.0.517, has a service running with system privileges
CVE-2019-6544
5.6 - Medium
- May 09, 2019
GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.
Authorization
XXE in GE Proficy Cimplicity GDS versions 9.0 R2
CVE-2018-15362
9.1 - Critical
- December 07, 2018
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0
XXE
Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft
CVE-2018-17925
4.8 - Medium
- October 10, 2018
Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users to the reported vulnerability. The reported method shown to impact Internet Explorer is not exposed in the iFIX product, nor is the core functionality of the iFIX product known to be impacted.
Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform.
CVE-2018-10615
8.1 - High
- June 04, 2018
Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform.
Directory traversal
Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data
CVE-2018-10613
7.5 - High
- June 04, 2018
Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior.
XXE
Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to
CVE-2018-10611
9.8 - Critical
- June 04, 2018
Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services.
Authentication
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions
CVE-2016-9360
6.7 - Medium
- February 13, 2017
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. An attacker may be able to retrieve user passwords if he or she has access to an authenticated session.
Insufficiently Protected Credentials
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which
CVE-2016-5787
6.3 - Medium
- July 15, 2016
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.
Exposure of Resource to Wrong Sphere
GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and
CVE-2008-0174
9.8 - Critical
- January 29, 2008
GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges.
Cleartext Storage of Sensitive Information