5 matches found
CVE-2022-24116
CVE-2022-24116: In General Electric Renewable Energy iNET and iNET II radios, inadequate encryption strength (CWE-326) is reported for firmware prior to rev. 8.3.0. The affected products include iNET/iNET II, with other GE radios (SD/TD220X/TD220MAX) affected in the broader advisory context. The ...
CVE-2022-24120
CVE-2022-24120 affects General Electric Renewable Energy iNET and iNET II radios (prior to firmware 8.3.0). The root cause is plaintext (cleartext) storage of credentials in the device flash memory, exposing sensitive data on affected systems. Impact is confidentiality risk (C:H) with vector like...
CVE-2022-24119
The CVE-2022-24119 entry affects General Electric Renewable Energy iNET and iNET II radios with firmware before 8.3.0, due to a hidden, undocumented feature that allows unauthenticated remote access to the device configuration shell (CWE-912). This can enable full control of the configuration ove...
CVE-2022-24117
CVE-2022-24117 affects General Electric Renewable Energy MDS radios: iNET/iNET II, SD, TD220X, and TD220MAX. Root cause is download of firmware without an integrity check, as described in vendor advisories. Impact, per the connected sources, includes potential compromise of firmware authenticity ...
CVE-2022-24118
CVE-2022-24118 affects GE Renewable Energy MDS radios: iNET/iNET II prior to 8.3.0, SD prior to 6.4.7, TD220X prior to 2.0.16, and TD220MAX prior to 1.2.6. Reported issue: an authentication/code mechanism can trigger a reset to factory default and reboot, constituting an uncontrolled resource con...