The NCCIC has released an advisory on an XXE vulnerability in GE Profidy. Cimplicity 9.0 R2, 9.5, and 10.0 are affected. Successful exploitation of this vulnerability could allow an attacker to initiate an OPC UA session and retrieve an arbitrary file. GE recommends users update to Version 2.1 or newer. The NCCIC also advises on a series of mitigating measures for this vulnerability. NCCIC/ICS-CERT.
You are here
Related Resources
Feb 20, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
Feb 20, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
Feb 20, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
