4 matches found
GE Reason DR60 Code Injection Vulnerability
The Reason DR60 is a centralized, all-in-one multi-function digital fault recorder DFR from GE. A code injection vulnerability exists in GE Reason DR60 firmware prior to version 02A04.1. The vulnerability stems from the software using externally influenced input from an upstream component to...
GE Reason DR60 Hardcoded Password Vulnerability
The Reason DR60 is a centralized, all-in-one multi-function digital fault recorder DFR from GE. A hard-coded password vulnerability exists in GE Reason DR60 firmware versions prior to 02A04.1. No details of the vulnerability are provided at this time...
GE Reason DR60 Improper Privilege Vulnerability
The Reason DR60 is a centralized, all-in-one multi-function digital fault recorder DFR from GE. A privilege impropriety vulnerability exists in GE Reason DR60 firmware prior to version 02A04.1. The vulnerability stems from the software performing operations with a privilege level higher than the...
GE Reason DR60
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Reason DR60 Vulnerabilities: Hard-coded Password, Code Injection, Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...