The NCCIC has released an advisory on an XXE vulnerability in GE Profidy. Cimplicity 9.0 R2, 9.5, and 10.0 are affected. Successful exploitation of this vulnerability could allow an attacker to initiate an OPC UA session and retrieve an arbitrary file. GE recommends users update to Version 2.1 or newer. The NCCIC also advises on a series of mitigating measures for this vulnerability. NCCIC/ICS-CERT.
You are here
Related Resources
Dec 12, 2024 in Cybersecurity, in Federal & State Resources, in Security Preparedness
Dec 12, 2024 in Cybersecurity, in OT-ICS Security, in Security Preparedness
Dec 12, 2024 in Cybersecurity, in OT-ICS Security, in Federal & State Resources
