Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-24120 | 1 Ge | 16 Inet 900, Inet 900 Firmware, Inet Ii 900 and 13 more | 2024-11-21 | N/A | 4.6 MEDIUM |
Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0. | |||||
CVE-2022-24119 | 1 Ge | 16 Inet 900, Inet 900 Firmware, Inet Ii 900 and 13 more | 2024-11-21 | N/A | 9.8 CRITICAL |
Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0. | |||||
CVE-2022-24118 | 1 Ge | 16 Inet 900, Inet 900 Firmware, Inet Ii 900 and 13 more | 2024-11-21 | N/A | 9.1 CRITICAL |
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6. | |||||
CVE-2022-24117 | 1 Ge | 16 Inet 900, Inet 900 Firmware, Inet Ii 900 and 13 more | 2024-11-21 | N/A | 9.8 CRITICAL |
Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6. | |||||
CVE-2022-24116 | 1 Ge | 16 Inet 900, Inet 900 Firmware, Inet Ii 900 and 13 more | 2024-11-21 | N/A | 9.8 CRITICAL |
Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0. |