CVE-2022-23921 – ICSA-22-053-01 GE Proficy CIMPLICITY-IPM

https://notcve.org/view.php?id=CVE-2022-23921

25 Feb 2022 — Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and the server is licensed for multiple projects. Una explotación de esta vulnerabilidad puede resultar en una escalada local de privilegios y una ejecución de código. GE mantiene que la explotación de esta vulnerabilida... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-053-01 • CWE-269: Improper Privilege Management •