GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code. CreditsKimiya working with Trend micro Zero Day Initiative reported these vulnerabilities to CISA.Referenceshttps://www.cisa.gov/uscert/ics/advisories/icsa-22-326-04
