Title: Local Privilege Escalation and Code Execution Vulnerability in CIMPLICITY Server

Title: Local Privilege Escalation and Code Execution Vulnerability in CIMPLICITY Server

CVE-2022-23921 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and the server is licensed for multiple projects.

Learn more about our Cis Benchmark Audit For Server Software.