Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0.
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NGe Inet 900
HWGewszystkie wersjeGe Inet 900 Firmware
OSGe< 8.3.0Ge Inet Ii 900
HWGewszystkie wersjeGe Inet Ii 900 Firmware
OSGe< 8.3.0Ge Sd1
HWGewszystkie wersjeGe Sd1 Firmware
OSGe≤ 6.4.7Ge Sd2
HWGewszystkie wersjeGe Sd2 Firmware
OSGe< 6.4.7Ge Sd4
HWGewszystkie wersjeGe Sd4 Firmware
OSGe< 6.4.7Ge Sd9
HWGewszystkie wersjeGe Sd9 Firmware
OSGe< 6.4.7Ge Td220max
HWGewszystkie wersjeGe Td220max Firmware
OSGe< 1.2.6Ge Td220x
HWGewszystkie wersjeGe Td220x Firmware
OSGe< 2.0.16
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2022-24116CRITICAL9.8ten sam produkt
Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and ...
CVE-2022-24117CRITICAL9.8ten sam produkt
Certain General Electric Renewable Energy products download firmware without an integrity check. This affects ...
CVE-2022-24118CRITICAL9.1ten sam produkt
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the ...
CVE-2022-24119CRITICAL9.8ten sam produkt
Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to ...
CVE-2023-5908CRITICAL9.1PL ✓ten sam vendor
Buffer overflow w KEPServerEX umożliwiający crash lub wyciek danych