CVE-2017-7905
The CVE covers a weakness in cryptographic handling of passwords in GE Multilin protection relays (SR series, UR/URPlus). A non-random initialization vector was used for ciphertext passwords, making them vulnerable to dictionary attacks. Password ciphertext could be obtained from the front LCD or...