OTPulse

GE CIMPLICITY (Update A)

Monitor · CVSS 6.8 · ICS-CERT ICSA-17-278-01A · Oct 5, 2017
Attack Vector: Adjacent
Auth Required: Low
Complexity: High
User Interaction: Required
Summary

CIMPLICITY versions 9.0 and earlier contain a buffer overflow vulnerability (CWE-121) in network communication handling. An attacker with local network access, valid credentials, and ability to trigger user interaction could execute arbitrary code on the affected workstation. The vulnerability affects CIMPLICITY's Series 90 TCP/IP communications module.

What this means
What could happen
An attacker with local network access and limited credentials could execute arbitrary code on a CIMPLICITY workstation, potentially allowing them to modify process setpoints, alarm settings, or disable monitoring and control functions.
Who's at risk
Energy sector organizations running CIMPLICITY 9.0 or earlier should prioritize this update. Engineering workstations and SCADA human-machine interfaces (HMIs) in power generation and distribution environments are at risk if they expose CIMPLICITY to untrusted networks.
How it could be exploited
An attacker on the local network (adjacent network segment) with low-level user credentials and user interaction (such as opening a malicious file or following a social engineering prompt) could trigger a buffer overflow in CIMPLICITY's network communication handler, leading to code execution on the engineering workstation.
Prerequisites
  • Network access on the same subnet or adjacent network segment (AV:A indicates adjacent network)
  • Valid low-privilege user credentials (PR:L)
  • User interaction required—victim must open a file or click a link (UI:R)
  • Local/adjacent network attack required (not fully remote)
  • Low-complexity exploitation
  • Requires valid credentials
  • Requires user interaction
  • Affects critical process control software
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
Product | Affected Versions | Fix Status
CIMPLICITY | ≤ 9.0 | 9.5
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade CIMPLICITY to Version 9.5 or later
WORKAROUND: If running Series 90 TCP/IP communications, migrate to triplex communication support using the 'convert to triplex' application tool (available since CIMPLICITY 6.1)
Long-term hardening
HARDENING: Restrict network access to CIMPLICITY workstations via firewall rules to allow only authorized engineering networks