5.3 2017-01-31T12:34:45 GE Proficy HMI SCADA CIMPLICITY Privilege Management Vulnerability - CVE-2016-5787 (GED 16-01) General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors. HKEY_LOCAL_MACHINE DisplayVersion HKEY_LOCAL_MACHINE ^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\{D33BB924-C487-4065-8B5A-DD9C900000\d{2}\}$ DisplayVersion HKEY_LOCAL_MACHINE ^SYSTEM\\CurrentControlSet\\services\\((CIMPLICITY)|(WEBVIEW)|(EGD Service)|(CimProxy))\\Security$ Security HKEY_LOCAL_MACHINE DisplayVersion oval:com.kaspersky.ics-cert:obj:1 oval:com.kaspersky.ics-cert:obj:6 HKEY_LOCAL_MACHINE ^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\{D33BB924-C487-4065-8B5A-DD9C900000\d{2}\}$ DisplayVersion oval:com.kaspersky.ics-cert:obj:2 oval:com.kaspersky.ics-cert:obj:8 8.10.18236 8.10.18651 8.20.20570 8.10.18236 8.20.20313 reg_binary 01001480300000003C000000140000000000000002001C000100000002801400FF010F00010100000000000100000000010100000000000512000000010100000000000512000000 ^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{((4AF366C7-81ED-420E-9B1E-6CBF8F96E722)|(C596BAFB-9F7B-4042-B765-660902CD2F05))}$