GE Proficy HMI SCADA CIMPLICITY Privilege Management Vulnerability
Monitor | 5.7 | ICS-CERT ICSA-16-194-02 | Apr 15, 2016
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: Required
Summary
GE Proficy HMI SCADA CIMPLICITY versions 8.2_SIM_26 and earlier contain an improper privilege management vulnerability (CWE-269) that allows users with local access to escalate privileges. The vulnerability has a CVSS score of 5.7 (medium); it affects confidentiality, integrity, and availability, and exploitation is low complexity. No patch has been released by the vendor.
What this means
What could happen
A user with local access to a CIMPLICITY system could exploit improper privilege controls to gain elevated permissions, potentially allowing unauthorized changes to HMI/SCADA configurations or process parameters that could disrupt plant operations.
Who's at risk
Energy and manufacturing organizations using GE Proficy HMI SCADA CIMPLICITY v8.2_SIM_26 and earlier for process monitoring and control. This affects operators, engineers, and system administrators with access to CIMPLICITY workstations that may be targeted by insiders or unauthorized local users.
How it could be exploited
An attacker with local login access to a CIMPLICITY workstation could bypass privilege management controls through user interaction (such as social engineering or physical access). Once exploited, the attacker gains elevated privileges to modify HMI screens, alarms, or process setpoints without proper authorization.
Prerequisites
- Local access to CIMPLICITY workstation
- Valid user account (non-admin) on the system
- User interaction or authorization prompt required
Local access required | Privilege escalation vulnerability | No patch available | Low attack complexity
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product | Affected Versions | Fix Status
CIMPLICITY: <=8.2_SIM_26 | ≤ 8.2 SIM 26 | No fix (EOL)
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HARDENING: Monitor and audit user activities on CIMPLICITY systems, particularly privilege escalation attempts and configuration changes
Mitigations - no patch available
CIMPLICITY: <=8.2_SIM_26 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Implement network segmentation to restrict local access to CIMPLICITY systems to authorized personnel and engineering workstations only
HARDENING: Enforce role-based access control (RBAC) and principle of least privilege within CIMPLICITY—limit user roles to only the permissions required for their job function
HARDENING: Restrict physical and remote access to CIMPLICITY engineering workstations to authorized personnel only
CVEs (1)
API:
/api/v1/advisories/3daf7f50-ef25-47e7-a723-e764dd75a2b4