Ge Rt430 Firmware vulnerabilities
3 known vulnerabilities affecting ge/rt430_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-12017P2CRITICALCVSS 9.8fixed in 08a052020-06-02
CVE-2020-12017 [CRITICAL] CWE-306 CVE-2020-12017: GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. T
GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. The device’s vulnerability in the web application could allow multiple unauthenticated attacks that could cause serious impact. The vulnerability may allow an unauthenticated attacker to execute arbitrary commands and send a request to a specific URL
nvd
CVE-2020-25197P3HIGHCVSS 8.8fixed in 08a062022-03-18
CVE-2020-25197 [HIGH] CWE-94 CVE-2020-25197: A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system.
nvd
CVE-2020-25193P4MEDIUMCVSS 5.3fixed in 08a062022-03-18
CVE-2020-25193 [MEDIUM] CWE-321 CVE-2020-25193: By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection.
nvd