CVE-2020-25193

By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection...

Hardcoded credentials

By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection...

CVE-2020-25193

The CVE-2020-25193 issue affects GE Reason RT430, RT431 and RT434 GNSS clocks with firmware versions prior to 08A06. The root cause is a hard-coded cryptographic key that allows an attacker to intercept and decrypt HTTPS traffic. Impact is partial confidentiality loss in encrypted communications....

CVE-2020-25197

Summary: CVE-2020-25197 affects GE Reason RT43X GNSS clocks (RT430, RT431, RT434). The underlying issue is a code injection vulnerability in webpages served by the device, allowing an authenticated remote attacker to execute arbitrary code on the system. Affected firmware versions are prior to 08...

GE Reason RT430 Clock Code Injection Vulnerability

The GE Reason RT430 Clock is a precision clock device from General Electric GE that references GPS and GLONASS satellites. A security vulnerability exists in multiple GE products where an authenticated, remote attacker could execute arbitrary code on the system or intercept and decrypt encrypted...

CVE-2020-12017

CVE-2020-12017 affects GE Grid Solutions Reason RT Clocks RT430, RT431, and RT434 (firmware