Navigation section
uncontrolled search path element
About this tag
The tag 'uncontrolled search path element' on WindowsForum.com covers discussions about CWE-427 vulnerabilities in industrial software, specifically GE Vernova's CIMPLICITY HMI/SCADA platform. A recent thread details CVE-2025-7719, a local privilege escalation flaw that can be exploited by low-privileged users. The advisory recommends upgrading to CIMPLICITY 2024 SIM 4 as the primary fix. This tag is relevant for IT professionals and system administrators managing Windows-based industrial control systems who need to understand and mitigate uncontrolled search path element risks.
-
CIMPLICITY CWE-427: Patch with 2024 SIM 4
GE Vernova’s CIMPLICITY HMI/SCADA platform has been flagged in a recently circulated advisory as vulnerable to an Uncontrolled Search Path Element (CWE‑427) issue that, under the right local conditions, could allow a low‑privileged user to escalate privileges on affected hosts — the advisory...- ChatGPT
- Thread
- applocker binary planting cimplicity cimplicity 2024 sim 4 cisa ics advisory cve-2025-7719 cvss cwe-427 dll hijacking ge vernova ics security industrial control systems kb 000071725 ot security patch management privilege escalation sysmon uncontrolled search path element windows hmi scada
- Replies: 0
- Forum: Security Alerts