CVE-2022-2002

GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-04 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:ge:cimplicity:*:*:*:*:*:*:*:*

History

07 Nov 2023, 03:46

Type Values Removed Values Added
Summary GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code. GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code.

Information

Published : 2022-12-07 23:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-2002

Mitre link : CVE-2022-2002

CVE.ORG link : CVE-2022-2002


JSON object : View

Products Affected

ge

  • cimplicity
CWE
CWE-822

Untrusted Pointer Dereference