Ifix
This hub aggregates every CVE we track for Ifix, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
1
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Ifix.
- CVE-2023-0598GE Digital Proficy Code Injection7.8
- CVE-2019-18243HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation.5.5
- CVE-2019-18255HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. This may allow privilege escalation.5.5
- CVE-2018-17925Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft...4.8
- CVE-2016-9360An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Ver...6.7
- CVE-2009-0216GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start p...10.0
Product normalization is registry-driven with AI assist and human review. How it works