Vulnerabilities > GE > Aestiva 7900 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-07-10 CVE-2019-10966 Improper Authentication vulnerability in GE products
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms.
network
low complexity
ge CWE-287
5.3