Skip to main content

Inet Ii 900 Firmware

5 CVEs product

Monthly

CVE-2022-24120 MEDIUM PATCH This Month

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Inet 900 Firmware Inet Ii 900 Firmware Sd1 Firmware Sd2 Firmware +4
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2022-24119 CRITICAL PATCH Act Now

Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Inet 900 Firmware Inet Ii 900 Firmware Sd1 Firmware Sd2 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-24118 CRITICAL PATCH Act Now

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Inet 900 Firmware Inet Ii 900 Firmware Sd1 Firmware Sd2 Firmware +4
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2022-24117 CRITICAL PATCH Act Now

Certain General Electric Renewable Energy products download firmware without an integrity check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Inet 900 Firmware Inet Ii 900 Firmware Sd1 Firmware Sd2 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-24116 CRITICAL PATCH Act Now

Certain General Electric Renewable Energy products have inadequate encryption strength. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Inet 900 Firmware Inet Ii 900 Firmware Sd1 Firmware Sd2 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
0.3%
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Inet 900 Firmware Inet Ii 900 Firmware +6
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Inet 900 Firmware Inet Ii 900 Firmware +6
NVD
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Inet 900 Firmware Inet Ii 900 Firmware +6
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Certain General Electric Renewable Energy products download firmware without an integrity check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Inet 900 Firmware Inet Ii 900 Firmware +6
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Certain General Electric Renewable Energy products have inadequate encryption strength. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Inet 900 Firmware Inet Ii 900 Firmware +6
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy