Auto-Notification
Please visit the customer profile page on the support site to sign up for auto-notifications for GE Digital products
to receive immediate notice of security alerts and information.
Instructions on “How to sign up for Auto-Notifications for updates” can be found here;
https://digitalsupport.ge.com/communities/en_US/Article/How-to-sign-up-for-Auto-Notifications-for-GE-Digitalproducts
2021
| Issued | ID | Title | Link |
| Feb 5 | GED Security Advisory 21-01 | iFIX Vulnerabilities | GE Digital Security Advisory GED 21-01 |
2020
| Issued | ID | Title | Link |
| Dec 17 | GED Security Advisory 20-05 | Industrial Gateway Server (IGS) Vulnerability | GE Digital Security Advisory GED 20-05 |
| Sep 18 | GED Security Advisory 20-04 | APM Classic Vulnerabilities | GE Digital Security Advisory GED 20-04 |
| Jul 09 | GED Security Advisory 20-03 | APM Connect and Ghostcat vulnerability | GE Digital Security Advisory GED 20-03 |
| Mar 30 | GED Security Advisory 20-02 | Local Privilege Escalation in CIMPLICITY | GE Digital Security Advisory GED 20-02 |
| Jan 27 | GED Security Advisory 20-01 | EKANS ransom software | GE Digital Security Advisory GED 20-01 |
2019
| Issued | ID | Title | Link |
| Nov 23 | GED Security Advisory 19-01 | Privilege Escalation in iFIX | GE Digital Security Advisory GED 19-01 |
2018
| Issued | ID | Title | Link |
| Nov 23 | GED Security Advisory 18-01 | GE Global Discovery Server Blind XXE Vulnerability | GE Digital Security Advisory GED 18-01 |
| May 01 | GED SecComm 18-02 | Gemalto Kaspersky Common Licensing Vulnerabilities | GE Security Communication GED SecComm 18-02 |
| Mar 18 | GED SecComm 18-01 | Gigasoft ActiveX Vulnerability | GE Security Communication GED SecComm 18-01 |
2017
| Issued | ID | Title | Link |
| May 17 | GEAC 17-01 | Ransomware event, known as WannaCry | GE Security Advisory GEAC 17-01 |
2016
| Issued | ID | Title | Link |
| July 12 | GED 16-01 | CIMPLICITY Services DACLs | GE Digital Security Advisory GED 16-01 |
| Nov 29 | GED 16-02 | Password Management Vulnerability | GE Digital Security Advisory GED 16-02 |
2015
| Issued | ID | Title | Link |
| Sept 4 | GEIP15-02 | Proficy Mobile Change to Supported Browser | Proficy Mobile Change to Supported Browser |
| May 22 | GEIP15-01 | Impact of SSL3.0 POODLE Vulnerability | GE Security Advisory GEIP15-01 |
2014
| Issued | ID | Title | Link |
| Oct 28 | GEIP14-05 | Proficy HMI/SCADA - CIMPLICITY Targeted by an Advanced Threat Actor | GE Security Advisory GEIP14-05 |
| Oct 14 | GEIP14-04 | Proficy HMI/SCADA – DNP3 Driver from Catapult Software | GE Security Advisory GEIP14-04 |
| Oct 14 | GEIP14-03 | Proficy HMI/SCADA – CIMPLICITY Elevation of Privilege | GE Security Advisory GEIP14-03 |
| Oct 14 | GEIP14-02 | Proficy HMI/SCADA – CIMPLICITY CimView Memory Access Violation | GE Security Advisory GEIP14-02 |
| Oct 14 | GEIP14-01 | Proficy Industrial Gateway Server Driver from Kepware | GE Security Advisory GEIP14-01 |
| Oct 14 | GEIP13-02-2 | Proficy HMI/SCADA – TCPTASK Denial of Service | GE Security Advisory GEIP13-02-2 |
2013
| Issued | ID | Title | Link |
| Dec 19 | GEIP13-06 | Proficy HMI/SCADA – CIMPLICITY WebView remote code exec | GE Security Advisory GEIP13-06 |
| Dec 19 | GEIP13-05 | Proficy HMI/SCADA – CIMPLICITY web access remote code exec | GE Security Advisory GEIP13-05 |
| Oct 7 | GEIP13-04 | Proficy DNP3 I/O Driver: Denial of Service | GE Security Advisory GEIP13-04 |
| Jun 18 | GEIP13-03 | Proficy HMI/SCADA – CIMPLICITY WebView buffer overflows | GE Security Advisory GEIP13-03 |
| Feb 19 | GEIP13-02 | Proficy HMI/SCADA – iFIX TCP/IP Task Denial of Service | GE Security Advisory GEIP13-02 |
| Feb 19 | GEIP13-01 | Proficy HMI/SCADA – iFIX I/O Drivers Default Password | GE Security Advisory GEIP13-01 |
2012
| Issued | ID | Title | Link |
| Dec 4 | GEIP12-19 | Proficy CIMPLICITY: WebView information disclosure | GE Security Advisory GEIP12-19 |
| October 2 | GEIP12-15 | Proficy Portal: Information disclosure (authentication design) | GE Security Advisory GEIP12-15 |
| October 2 | GEIP12-14 | Proficy Portal: Information disclosure in default configuration | GE Security Advisory GEIP12-14 |
| October 2 | GEIP12-13 | Proficy CIMPLICITY: Multiple vulnerabilities in built-in web server | GE Security Advisory GEIP12-13 |
| August 14 | GEIP12-10 | Proficy Portal: Multiple memory corruption vulnerabilities | Proficy Security Advisory GEIP12-10 |
| April 24 | GEIP12-05 | Proficy iFIX: Buffer overflow in TCP/IP Task component | GE Security Advisory GEIP12-05 |
| April 24 | GEIP12-04 | Proficy Historian, iFIX, Batch, Pulse, SI7 Driver: HTML Help | GE Security Advisory GEIP12-04 |
| Jan 31 | GEIP12-03 | Proficy Portal: Directory traversal | Proficy Security Advisory GEIP12-03 |
| Jan 31 | GEIP12-02 | Proficy Plant Applications: Memory corruption | Proficy Security Advisory GEIP12-02 |
| Jan 31 | GEIP12-01 | Proficy Historian: Data archiver memory corruption | Proficy Security Advisory GEIP12-01 |
2011
| Issued | ID | Title | Link |
| Aug 29 | GEIP11-01 | Proficy Historian: ihDataArchiver buffer overflow | Proficy Security Advisory Information (GEIP11-02, GEIP11-03) |
| Aug 29 | GEIP11-02 | Proficy Plant Applications: Multiple services buffer overflow | Proficy Security Advisory Information (GEIP11-02, GEIP11-03) |
| Aug 29 | GEIP11-03 | Proficy Historian: Web Administrator cross-site scripting (XSS) | Proficy Security Advisory Information (GEIP11-02, GEIP11-03) |
Previous
| Issued | ID | Title | Link |
| 2/11/09 | n/a | Proficy iFIX: Authentication vulnerabilities | Security Issue: CERT Reported Vulnerabilities in iFIX Security |