cvedb.io
CVE-2023-0598
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2023-03-16T20:15:11.327 · Last modified 2026-06-17T05:25:53.947

Summary

GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may allow an attacker to insert malicious configuration files in the expected web server execution path and gain full control of the HMI software.

Affected products

ge — ifix

Does this affect you?

Add your gear to cvedb and we'll alert you only when ge ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.