{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1763", "assignerOrgId": "2cf0fb33-79e2-44e0-beb8-826cc5ce3250", "state": "PUBLISHED", "assignerShortName": "GE_Vernova", "dateReserved": "2026-02-02T14:36:45.715Z", "datePublished": "2026-02-10T20:06:12.992Z", "dateUpdated": "2026-03-04T18:40:04.425Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "UR Setup", "platforms": ["Windows"], "product": "Enervista", "vendor": "GE Vernova", "versions": [{"status": "affected", "version": "8.6 and previous versions"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Reid Wightman"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Vulnerability in GE Vernova Enervista UR Setup on Windows.<p>This issue affects Enervista: 8.6 and previous versions.</p>"}], "value": "Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "2cf0fb33-79e2-44e0-beb8-826cc5ce3250", "shortName": "GE_Vernova", "dateUpdated": "2026-03-04T18:40:04.425Z"}, "references": [{"url": "https://www.gevernova.com/content/dam/cyber_security/global/en_US/pdfs/ges-2025-005.pdf"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The EnerVista URPC installation software versions prior to 8.70, used an incorrect method of \nloading the DLL (dynamic Link Library) file by referencing it relative to the location of the installation \nfolder. If the system in which the software is installed gets compromised, an attacker could exploit \nthis weakness and replace the legitimate DLL with a malicious file. <br><br>\nThe EnerVista UR Setup software installation has been upgraded to address this vulnerability. \n\n<br>"}], "value": "The EnerVista URPC installation software versions prior to 8.70, used an incorrect method of \nloading the DLL (dynamic Link Library) file by referencing it relative to the location of the installation \nfolder. If the system in which the software is installed gets compromised, an attacker could exploit \nthis weakness and replace the legitimate DLL with a malicious file. \n\n\nThe EnerVista UR Setup software installation has been upgraded to address this vulnerability."}], "source": {"discovery": "UNKNOWN"}, "title": "Enervista UR Setup DLL Hijacking", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "As a workaround, GE Vernova recommends having secure infrastructure in place, which can protect the \nsystem. We also recommend that customers protect their digital devices using a defense-in-depth \nstrategy. This includes, but is not limited to, placing digital devices inside the control system network \nsecurity perimeter, access controls, robust network monitoring (such as Intrusion Detection System) and \nother mitigation techniques in place. Please refer to the product secure deployment guide. \n\n\n<br><br>\n\nIt is essential for organizations to prioritize cybersecurity measures, including regular vulnerability \nassessments and prompt application of security patches. \n\n<br>"}], "value": "As a workaround, GE Vernova recommends having secure infrastructure in place, which can protect the \nsystem. We also recommend that customers protect their digital devices using a defense-in-depth \nstrategy. This includes, but is not limited to, placing digital devices inside the control system network \nsecurity perimeter, access controls, robust network monitoring (such as Intrusion Detection System) and \nother mitigation techniques in place. Please refer to the product secure deployment guide. \n\n\n\n\n\n\nIt is essential for organizations to prioritize cybersecurity measures, including regular vulnerability \nassessments and prompt application of security patches."}], "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-35", "lang": "en", "description": "CWE-35 Path Traversal: '.../...//'"}]}], "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-048-03", "tags": ["government-resource"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-10T20:29:35.281884Z", "id": "CVE-2026-1763", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-27T14:54:23.671Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1763", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-10T20:29:35.281884Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-10T20:29:39.156Z"}}], "cna": {"title": "Enervista UR Setup DLL Hijacking", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Reid Wightman"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "GE Vernova", "product": "Enervista", "versions": [{"status": "affected", "version": "8.6 and previous versions"}], "platforms": ["Windows"], "packageName": "UR Setup", "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "The EnerVista URPC installation software versions prior to 8.70, used an incorrect method of \nloading the DLL (dynamic Link Library) file by referencing it relative to the location of the installation \nfolder. If the system in which the software is installed gets compromised, an attacker could exploit \nthis weakness and replace the legitimate DLL with a malicious file. \n\n\nThe EnerVista UR Setup software installation has been upgraded to address this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "The EnerVista URPC installation software versions prior to 8.70, used an incorrect method of \nloading the DLL (dynamic Link Library) file by referencing it relative to the location of the installation \nfolder. If the system in which the software is installed gets compromised, an attacker could exploit \nthis weakness and replace the legitimate DLL with a malicious file. <br><br>\nThe EnerVista UR Setup software installation has been upgraded to address this vulnerability. \n\n<br>", "base64": false}]}], "references": [{"url": "https://www.gevernova.com/grid-solutions/passport/login?destination=resources%3Fprod%3Durfamily%26type%3D21%26node_id%3D4987%26check_logged_in%3D1"}], "workarounds": [{"lang": "en", "value": "As a workaround, GE Vernova recommends having secure infrastructure in place, which can protect the \nsystem. We also recommend that customers protect their digital devices using a defense-in-depth \nstrategy. This includes, but is not limited to, placing digital devices inside the control system network \nsecurity perimeter, access controls, robust network monitoring (such as Intrusion Detection System) and \nother mitigation techniques in place. Please refer to the product secure deployment guide. \n\n\n\n\n\n\nIt is essential for organizations to prioritize cybersecurity measures, including regular vulnerability \nassessments and prompt application of security patches.", "supportingMedia": [{"type": "text/html", "value": "As a workaround, GE Vernova recommends having secure infrastructure in place, which can protect the \nsystem. We also recommend that customers protect their digital devices using a defense-in-depth \nstrategy. This includes, but is not limited to, placing digital devices inside the control system network \nsecurity perimeter, access controls, robust network monitoring (such as Intrusion Detection System) and \nother mitigation techniques in place. Please refer to the product secure deployment guide. \n\n\n<br><br>\n\nIt is essential for organizations to prioritize cybersecurity measures, including regular vulnerability \nassessments and prompt application of security patches. \n\n<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions.", "supportingMedia": [{"type": "text/html", "value": "Vulnerability in GE Vernova Enervista UR Setup on Windows.<p>This issue affects Enervista: 8.6 and previous versions.</p>", "base64": false}]}], "providerMetadata": {"orgId": "2cf0fb33-79e2-44e0-beb8-826cc5ce3250", "shortName": "GE_Vernova", "dateUpdated": "2026-02-10T20:06:12.992Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1763", "state": "PUBLISHED", "dateUpdated": "2026-02-10T20:29:43.312Z", "dateReserved": "2026-02-02T14:36:45.715Z", "assignerOrgId": "2cf0fb33-79e2-44e0-beb8-826cc5ce3250", "datePublished": "2026-02-10T20:06:12.992Z", "assignerShortName": "GE_Vernova"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions."}], "id": "CVE-2026-1763", "lastModified": "2026-03-04T19:16:11.040", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.3, "impactScore": 4.2, "source": "GEPowerCVD@ge.com", "type": "Secondary"}]}, "published": "2026-02-10T20:16:53.073", "references": [{"source": "GEPowerCVD@ge.com", "url": "https://www.gevernova.com/content/dam/cyber_security/global/en_US/pdfs/ges-2025-005.pdf"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-048-03"}], "sourceIdentifier": "GEPowerCVD@ge.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-35"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}