Ge Inet 900 Firmware vulnerabilities
5 known vulnerabilities affecting ge/inet_900_firmware.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-24119P2CRITICALCVSS 9.8fixed in 8.3.02022-12-26
CVE-2022-24119 [CRITICAL] CWE-829 CVE-2022-24119: Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote
Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0.
nvd
CVE-2022-24117P3CRITICALCVSS 9.8fixed in 8.3.02022-12-26
CVE-2022-24117 [CRITICAL] CWE-494 CVE-2022-24117: Certain General Electric Renewable Energy products download firmware without an integrity check. Thi
Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.
nvd
CVE-2022-24118P3CRITICALCVSS 9.1fixed in 8.3.02022-12-26
CVE-2022-24118 [CRITICAL] CWE-400 CVE-2022-24118: Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.
nvd
CVE-2022-24116P3CRITICALCVSS 9.8fixed in 8.3.02022-12-26
CVE-2022-24116 [CRITICAL] CWE-326 CVE-2022-24116: Certain General Electric Renewable Energy products have inadequate encryption strength. This affects
Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0.
nvd
CVE-2022-24120P4MEDIUMCVSS 4.6fixed in 8.3.02022-12-26
CVE-2022-24120 [MEDIUM] CWE-312 CVE-2022-24120: Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This
Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0.
nvd