GE Vernova Enervista UR Setup

RISK EVALUATION Successful exploitation of these vulnerabilities may allow code execution with elevated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

GE Vernova ProficySCADA 安全漏洞

GE Vernova ProficySCADA is a data acquisition and monitoring control system developed by the American company GE Vernova. Version 5.0.25920 of GE Vernova ProficySCADA contains a security vulnerability, which stems from improper handling of password input fields, potentially leading to application...

EUVD-2016-3394

Malware in sbrugna...

EUVD-2017-16876

Malware in sbrugna...

EUVD-2016-6723

Malware in sbrugna...

EUVD-2016-6722

Malware in sbrugna...

EUVD-2022-29029

Malicious code in bioql PyPI...

EUVD-2022-29031

Malicious code in bioql PyPI...

EUVD-2022-29030

Malicious code in bioql PyPI...

EUVD-2023-12887

Malicious code in bioql PyPI...

EUVD-2022-29028

Malicious code in bioql PyPI...

EUVD-2022-29032

Malicious code in bioql PyPI...

GE UR family Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-27422)

GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVE-2023-0898

General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application...

CVE-2022-24117

Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

CVE-2022-24116

Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0...

CVE-2022-24119

Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0...

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

CVE-2022-24118

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

GE Vernova UR IED 输入验证错误漏洞

The GE Vernova UR IED is a series of protection relays from GE Vernova, USA. An input validation error vulnerability exists in GE Vernova UR IED versions 7.0 through 8.60, which stems from improper input validation and allows an attacker to establish a TCP connection via port forwarding...