Local Privilege Escalation in GE CIMPLICITY 2023

Local Privilege Escalation in GE CIMPLICITY 2023

CVE-2023-4487 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software.

Learn more about our Web App Pen Testing.