CVE-2016-5787
First published: Fri Jul 15 2016(Updated: )
General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GE Proficy CIMPLICITY | <8.2 | |
| GE Proficy CIMPLICITY | =8.2-sim1 | |
| GE Proficy CIMPLICITY | =8.2-sim10 | |
| GE Proficy CIMPLICITY | =8.2-sim11 | |
| GE Proficy CIMPLICITY | =8.2-sim12 | |
| GE Proficy CIMPLICITY | =8.2-sim13 | |
| GE Proficy CIMPLICITY | =8.2-sim14 | |
| GE Proficy CIMPLICITY | =8.2-sim15 | |
| GE Proficy CIMPLICITY | =8.2-sim16 | |
| GE Proficy CIMPLICITY | =8.2-sim17 | |
| GE Proficy CIMPLICITY | =8.2-sim18 | |
| GE Proficy CIMPLICITY | =8.2-sim19 | |
| GE Proficy CIMPLICITY | =8.2-sim2 | |
| GE Proficy CIMPLICITY | =8.2-sim20 | |
| GE Proficy CIMPLICITY | =8.2-sim21 | |
| GE Proficy CIMPLICITY | =8.2-sim22 | |
| GE Proficy CIMPLICITY | =8.2-sim23 | |
| GE Proficy CIMPLICITY | =8.2-sim24 | |
| GE Proficy CIMPLICITY | =8.2-sim25 | |
| GE Proficy CIMPLICITY | =8.2-sim26 | |
| GE Proficy CIMPLICITY | =8.2-sim3 | |
| GE Proficy CIMPLICITY | =8.2-sim4 | |
| GE Proficy CIMPLICITY | =8.2-sim5 | |
| GE Proficy CIMPLICITY | =8.2-sim6 | |
| GE Proficy CIMPLICITY | =8.2-sim7 | |
| GE Proficy CIMPLICITY | =8.2-sim8 | |
| GE Proficy CIMPLICITY | =8.2-sim9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-5787?
CVE-2016-5787 is classified as a medium severity vulnerability.
How do I fix CVE-2016-5787?
To fix CVE-2016-5787, update GE CIMPLICITY to version 8.2 SIM 27 or later.
Who is affected by CVE-2016-5787?
CVE-2016-5787 affects all versions of GE CIMPLICITY prior to 8.2 SIM 27.
What type of vulnerability is CVE-2016-5787?
CVE-2016-5787 is a local privilege escalation vulnerability due to mishandled service DACLs.
How can local users exploit CVE-2016-5787?
Local users can exploit CVE-2016-5787 to modify service configurations through unspecified vectors.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ge
- canonical/ge proficy cimplicity
- version/ge proficy cimplicity/8.2-sim1
- version/ge proficy cimplicity/8.2-sim10
- version/ge proficy cimplicity/8.2-sim11
- version/ge proficy cimplicity/8.2-sim12
- version/ge proficy cimplicity/8.2-sim13
- version/ge proficy cimplicity/8.2-sim14
- version/ge proficy cimplicity/8.2-sim15
- version/ge proficy cimplicity/8.2-sim16
- version/ge proficy cimplicity/8.2-sim17
- version/ge proficy cimplicity/8.2-sim18
- version/ge proficy cimplicity/8.2-sim19
- version/ge proficy cimplicity/8.2-sim2
- version/ge proficy cimplicity/8.2-sim20
- version/ge proficy cimplicity/8.2-sim21
- version/ge proficy cimplicity/8.2-sim22
- version/ge proficy cimplicity/8.2-sim23
- version/ge proficy cimplicity/8.2-sim24
- version/ge proficy cimplicity/8.2-sim25
- version/ge proficy cimplicity/8.2-sim26
- version/ge proficy cimplicity/8.2-sim3
- version/ge proficy cimplicity/8.2-sim4
- version/ge proficy cimplicity/8.2-sim5
- version/ge proficy cimplicity/8.2-sim6
- version/ge proficy cimplicity/8.2-sim7
- version/ge proficy cimplicity/8.2-sim8
- version/ge proficy cimplicity/8.2-sim9