CVE-2023-0598 (ifix) | allinfosecnews.com

March 16, 2023, 8:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may allow an attacker to insert malicious configuration files in the expected web server execution path and gain full control of the HMI software.

code code injection configuration configuration files control cve digital files hmi injection malicious may path server software vulnerable web web server

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 7 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 7 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 7 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 7 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 7 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 7 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 7 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 7 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 7 months ago | web.nvd.nist.gov

android bypass check cve +10

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com