MEDIUM🇬🇧 English

CVE-2014-5409

CVSS 6.4v2.0pub. 2015-03-14upd. 2026-05-06

The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:N/A:P
  • Ge Hydran M2

    HW
    Ge
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-5908CRITICAL9.1PL ✓ten sam vendor

Buffer overflow w KEPServerEX umożliwiający crash lub wyciek danych

CVE-2022-2848CRITICAL9.1ten sam vendor

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2022-2825CRITICAL9.8ten sam vendor

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2023-0754CRITICAL9.8ten sam vendor

The affected products are vulnerable to an integer overflow or wraparound, which could  allow an attacker to ...

CVE-2023-0755CRITICAL9.8ten sam vendor

The affected products are vulnerable to an improper validation of array index, which could allow an attacker ...