GE Security Advisories ka10h000000CwoGAAS | GE Customer Center

GE Security Advisories

2020

IssuedIDTitleLink
Mar 30GED Security Advisory 20-02Local Privilege Escalation in CIMPLICITYGE Digital Security Advisory GED 20-02
Jan 27GED Security Advisory 20-01EKANS ransom softwareGE Digital Security Advisory GED 20-01


2019

IssuedIDTitleLink
Nov 23GED Security Advisory 19-01Privilege Escalation in iFIXGE Digital Security Advisory GED 19-01


2018

IssuedIDTitleLink
Nov 23GED Security Advisory 18-01GE Global Discovery Server Blind XXE VulnerabilityGE Digital Security Advisory GED 18-01
May 01GED SecComm 18-02Gemalto Kaspersky Common Licensing VulnerabilitiesGE Security Communication GED SecComm 18-02
Mar 18GED SecComm 18-01Gigasoft ActiveX VulnerabilityGE Security Communication GED SecComm 18-01

2017

IssuedIDTitleLink
Oct 17GED SecComm 17-01Series 90 Ethernet Drivers & CIMPLICITY VulnerabilitiesGE Security Communication GED SecComm 17-01
May 17GEAC 17-01Ransomware event, known as WannaCryGE A&C Security Advisory GEAC 17-01
Jun 09GEAC 17-02INTEL security advisory that can affect GE’s A&C productsGE A&C Security Advisory GEAC 17-02

2016

IssuedIDTitleLink
July 12GED 16-01CIMPLICITY Services DACLsGE Digital Security Advisory GED 16-01
Nov 29GED 16-02Password Management VulnerabilityGE Digital Security Advisory GED 16-02

2015

IssuedIDTitleLink
Dec 22GE15-16Series 90-30 VulnerabilitiesGE15-16 Security Advisory - Series 90-30 Vulnerabilities
Dec 22GE15-15QuickPanel+ VulnerabilitiesGE15-15 Security Advisory - QuickPanel+ Vulnerabilities
Dec 22GE15-14VersaMax ENUI VulnerabilitiesGE15-14 Security Advisory - VersaMax ENIU Vulnerabilities
Dec 22GE15-13VersaMax CPUE05 VulnerabilitiesGE15-13 Security Advisory - VersaMax CPUE05 Vulnerabilities
Dec 18GE15-12PAC8000 VulnerabilitiesPAC8000 Security Advisory
Dec 18GE15-11PACSystems RX3i Controllers: Security EnhancementsSecurity Enhancements
Dec 18GE15-10PACSystems RXi, RX3i, & RX7i Controllers: SRTP Plaintext PasswordsSRTP Plaintext Passwords
Dec 18GE15-09PACSystems RXi, RX3i, & RX7i Controllers: Unauthenticated SRTPUnauthenticated SRTP
Dec 18GE15-08PACSystems RX3i & RX7i Controllers: Unauthenticated EGDUnauthenticated EGD
Dec 18GE15-07PACSystems RXi & RX3i Controllers: Unauthenticated SNMPUnauthenticated SNMP
Dec 18GE15-06PACSystems RXi, RX3i, & RX7i Controllers: Network Storm Denial of ServiceNetwork Storm Denial of Service
Dec 18GE15-05PACSystems RX3i & RX7i Controllers: Plaintext AUP File TransmissionPlaintext AUP File Transmission
Dec 18GE15-04PACSystems RX3i & RX7i Controllers: Station Manager Shared LoginStation Manager Shared Login
Dec 18GE15-03PACSystems RX3i & RX7i Controllers: SRTP Denial of ServiceSRTP Denial of Service
Sept 4GEIP15-02Proficy Mobile Change to Supported BrowserProficy Mobile Change to Supported Browser
May 22GEIP15-01Impact of SSL3.0 POODLE VulnerabilityGE Security Advisory GEIP15-01

2014

IssuedIDTitleLink
Oct 28GEIP14-05Proficy HMI/SCADA - CIMPLICITY Targeted by an Advanced Threat ActorGE Security Advisory GEIP14-05
Oct 14GEIP14-04Proficy HMI/SCADA – DNP3 Driver from Catapult SoftwareGE Security Advisory GEIP14-04
Oct 14GEIP14-03Proficy HMI/SCADA – CIMPLICITY Elevation of PrivilegeGE Security Advisory GEIP14-03
Oct 14GEIP14-02Proficy HMI/SCADA – CIMPLICITY CimView Memory Access ViolationGE Security Advisory GEIP14-02
Oct 14GEIP14-01Proficy Industrial Gateway Server Driver from KepwareGE Security Advisory GEIP14-01
Oct 14GEIP13-02-2Proficy HMI/SCADA – TCPTASK Denial of ServiceGE Security Advisory GEIP14-01

2013

IssuedIDTitleLink
Dec 19GEIP13-06Proficy HMI/SCADA – CIMPLICITY WebView remote code execGE Security Advisory GEIP13-06
Dec 19GEIP13-05Proficy HMI/SCADA – CIMPLICITY web access remote code execGE Security Advisory GEIP13-05
Oct 7GEIP13-04Proficy DNP3 I/O Driver: Denial of ServiceGE Security Advisory GEIP13-04
Jun 18GEIP13-03Proficy HMI/SCADA – CIMPLICITY WebView buffer overflowsGE Security Advisory GEIP13-03
Feb 19GEIP13-02Proficy HMI/SCADA – iFIX TCP/IP Task Denial of ServiceGE Security Advisory GEIP13-03
Feb 19GEIP13-01Proficy HMI/SCADA – iFIX I/O Drivers Default PasswordGE Security Advisory GEIP13-01

2012

IssuedIDTitleLink
Dec 4GEIP12-19Proficy CIMPLICITY: WebView information disclosureGE Security Advisory GEIP12-19
Dec 4GEIP12-1890-30 & 90-70 Ethernet Station Manager: Multiple vulnerabilitiesGE Security Advisory GEIP12-18
Dec 4GEIP12-17Proficy Machine Edition – View: Reflected cross-site scriptingGE Security Advisory GEIP12-17
Dec 4GEIP12-16Proficy Machine Edition – View & PC: Missing AuthenticationGE Security Advisory GEIP12-16
October 2GEIP12-15Proficy Portal: Information disclosure (authentication design)GE Security Advisory GEIP12-15
October 2GEIP12-14Proficy Portal: Information disclosure in default configurationGE Security Advisory GEIP12-14
October 2GEIP12-13Proficy CIMPLICITY: Multiple vulnerabilities in built-in web serverGE Security Advisory GEIP12-13
August 14GEIP12-12Versamax PROFINET Scanner: Flawed authenticationGE Security Advisory GEIP12-12
August 14GEIP12-11Versamax PROFINET Scanner: Unnecessary TFTP servicesGE Security Advisory GEIP12-11
August 14GEIP12-10Proficy Portal: Multiple memory corruption vulnerabilitiesProficy Security Advisory GEIP12-10
April 24GEIP12-09PACSystems RX3i CPU & NIU: Memory readGE Security Advisory GEIP12-09
April 24GEIP12-08PACSystems RX3i,RX7i & Series 90-30: Buffer overflowsGE Security Advisory GEIP12-08
April 24GEIP12-07PACSystems RX3i,RX7i & Series 90-30: Unnecessary servicesGE Security Advisory GEIP12-07
April 24GEIP12-06Proficy Machine Edition - View: Buffer overflowGE Security Advisory GEIP12-06
April 24GEIP12-05Proficy iFIX: Buffer overflow in TCP/IP Task componentGE Security Advisory GEIP12-05
April 24GEIP12-04Proficy Historian, iFIX, Batch, Pulse, SI7 Driver: HTML HelpGE Security Advisory GEIP12-04
Jan 31GEIP12-03Proficy Portal: Directory traversalProficy Security Advisory GEIP12-03
Jan 31GEIP12-02Proficy Plant Applications: Memory corruptionProficy Security Advisory GEIP12-02
Jan 31GEIP12-01Proficy Historian: Data archiver memory corruptionProficy Security Advisory GEIP12-01

2011

IssuedIDTitleLink
Aug 29GEIP11-01Proficy Historian: ihDataArchiver buffer overflowProficy Security Advisory Information (GEIP11-02, GEIP11-03)
Aug 29GEIP11-02Proficy Plant Applications: Multiple services buffer overflowProficy Security Advisory Information (GEIP11-02, GEIP11-03)
Aug 29GEIP11-03Proficy Historian: Web Administrator cross-site scripting (XSS)Proficy Security Advisory Information (GEIP11-02, GEIP11-03)

Previous

IssuedIDTitleLink
2/11/09n/aProficy iFIX: Authentication vulnerabilitiesSecurity Issue: CERT Reported Vulnerabilities in iFIX Security