GE Vernova Enervista UR Setup

RISK EVALUATION Successful exploitation of these vulnerabilities may allow code execution with elevated privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...

GE Vernova ProficySCADA 安全漏洞

GE Vernova ProficySCADA is a data acquisition and monitoring control system developed by the American company GE Vernova. Version 5.0.25920 of GE Vernova ProficySCADA contains a security vulnerability, which stems from improper handling of password input fields, potentially leading to application...

EUVD-2016-6722

Malware in sbrugna...

EUVD-2016-6723

Malware in sbrugna...

EUVD-2017-16876

Malware in sbrugna...

EUVD-2016-3394

Malware in sbrugna...

EUVD-2022-29028

Malicious code in bioql PyPI...

EUVD-2023-12887

Malicious code in bioql PyPI...

EUVD-2022-29032

Malicious code in bioql PyPI...

EUVD-2022-29031

Malicious code in bioql PyPI...

EUVD-2022-29030

Malicious code in bioql PyPI...

EUVD-2022-29029

Malicious code in bioql PyPI...

GE UR family Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-27422)

GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

The vulnerability of GE Vernova Intelligent Electronic Devices (IEDs) from the UR series, related to insufficient verification of input data, allows intruders to circumvent existing security restrictions.

The vulnerability of GE Vernova Intelligent Electronic Devices IEDs from the UR series is related to insufficient verification of input data. Exploiting this vulnerability can allow an attacker operating remotely to circumvent existing security restrictions...

CVE-2023-0898

General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application...

CVE-2022-24117

Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...

CVE-2022-24116

Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0...

CVE-2022-24119

Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0...

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

CVE-2022-24118

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6...