Ge Reason Rt43X Clocks vulnerabilities
2 known vulnerabilities affecting ge/reason_rt43x_clocks.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-25197P3HIGHCVSS 8.8≥ unspecified, < 08A062022-03-18
CVE-2020-25197 [HIGH] CWE-94 CVE-2020-25197: A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system.
nvd
CVE-2020-25193P4MEDIUMCVSS 5.3≥ unspecified, < 08A062022-03-18
CVE-2020-25193 [MEDIUM] CWE-321 CVE-2020-25193: By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection.
nvd