Lucene search

[email protected]CVE-2014-9201

HistoryJun 05, 2015 - 10:59 a.m.

CVE-2014-9201

2015-06-0510:59:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2014-9201

beckwith electric

digital voltage regulator

tapchanger control

three phase digital capacitor bank control

firmware

remote attack

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

6.9 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.8%

JSON

Beckwith Electric M-6200 Digital Voltage Regulator Control with firmware before D-0198V04.07.00, M-6200A Digital Voltage Regulator Control with firmware before D-0228V02.01.07, M-2001D Digital Tapchanger Control with firmware before D-0214V01.10.04, M-6283A Three Phase Digital Capacitor Bank Control with firmware before D-0346V03.00.02, M-6280A Digital Capacitor Bank Control with firmware before D-0254V03.05.05, and M-6280 Digital Capacitor Bank Control do not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.

Affected configurations

NVD

Node

beckwithelectricm-2001d_digital_tapchanger_controlMatch-

beckwithelectricm-6200_digital_voltage_regulator_controlMatch-

beckwithelectricm-6200a_digital_voltage_regulator_controlMatch-

beckwithelectricm-6280_digital_capacitor_bank_controlMatch-

beckwithelectricm-6280a_digital_capacitor_bank_controlMatch-

beckwithelectricm-6283a_three_phase_digital_capacitor_bank_controlMatch-

beckwithelectricm-2001d_digital_tapchanger_control_d-0214_firmwareRange≤01.10.04

beckwithelectricm-6200_digital_voltage_regulator_control_d-0198_firmwareRange≤04.07.00

beckwithelectricm-6200a_digital_voltage_regulator_control_d-0228_firmwareRange≤02.01.07

beckwithelectricm-6280_digital_capacitor_bank_control_firmwareMatch-

beckwithelectricm-6280a_digital_capacitor_bank_control_d-0254_firmwareRange≤03.05.05

beckwithelectricm-6283a_three_phase_digital_capacitor_bank_control_d-0346_firmwareRange≤03.00.02

CPENameOperatorVersion
beckwithelectric:m-2001d_digital_tapchanger_controlbeckwithelectric m-2001d digital tapchanger controleq-
beckwithelectric:m-6200_digital_voltage_regulator_controlbeckwithelectric m-6200 digital voltage regulator controleq-
beckwithelectric:m-6200a_digital_voltage_regulator_controlbeckwithelectric m-6200a digital voltage regulator controleq-
beckwithelectric:m-6280_digital_capacitor_bank_controlbeckwithelectric m-6280 digital capacitor bank controleq-
beckwithelectric:m-6280a_digital_capacitor_bank_controlbeckwithelectric m-6280a digital capacitor bank controleq-
beckwithelectric:m-6283a_three_phase_digital_capacitor_bank_controlbeckwithelectric m-6283a three phase digital capacitor bank controleq-
beckwithelectric:m-2001d_digital_tapchanger_control_d-0214_firmwarebeckwithelectric m-2001d digital tapchanger control d-0214 firmwarele01.10.04
beckwithelectric:m-6200_digital_voltage_regulator_control_d-0198_firmwarebeckwithelectric m-6200 digital voltage regulator control d-0198 firmwarele04.07.00
beckwithelectric:m-6200a_digital_voltage_regulator_control_d-0228_firmwarebeckwithelectric m-6200a digital voltage regulator control d-0228 firmwarele02.01.07
beckwithelectric:m-6280_digital_capacitor_bank_control_firmwarebeckwithelectric m-6280 digital capacitor bank control firmwareeq-

CPE	Name	Operator	Version
beckwithelectric:m-2001d_digital_tapchanger_control	beckwithelectric m-2001d digital tapchanger control	eq	-
beckwithelectric:m-6200_digital_voltage_regulator_control	beckwithelectric m-6200 digital voltage regulator control	eq	-
beckwithelectric:m-6200a_digital_voltage_regulator_control	beckwithelectric m-6200a digital voltage regulator control	eq	-
beckwithelectric:m-6280_digital_capacitor_bank_control	beckwithelectric m-6280 digital capacitor bank control	eq	-
beckwithelectric:m-6280a_digital_capacitor_bank_control	beckwithelectric m-6280a digital capacitor bank control	eq	-
beckwithelectric:m-6283a_three_phase_digital_capacitor_bank_control	beckwithelectric m-6283a three phase digital capacitor bank control	eq	-
beckwithelectric:m-2001d_digital_tapchanger_control_d-0214_firmware	beckwithelectric m-2001d digital tapchanger control d-0214 firmware	le	01.10.04
beckwithelectric:m-6200_digital_voltage_regulator_control_d-0198_firmware	beckwithelectric m-6200 digital voltage regulator control d-0198 firmware	le	04.07.00
beckwithelectric:m-6200a_digital_voltage_regulator_control_d-0228_firmware	beckwithelectric m-6200a digital voltage regulator control d-0228 firmware	le	02.01.07
beckwithelectric:m-6280_digital_capacitor_bank_control_firmware	beckwithelectric m-6280 digital capacitor bank control firmware	eq	-

Rows per page:

1-10 of 121

References

ics-cert.us-cert.gov/advisories/ICSA-15-153-01

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

6.9 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.8%

JSON

Related for CVE-2014-9201

cvelist1 nvd1 prion1 ics1