Arbitrary Code Execution Vulnerability in GE CIMPICITY Versions 2022 and Prior
CVE-2022-2002 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.
Learn more about our Web Application Penetration Testing UK.