Vulnerabilities > GE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-23 | CVE-2020-16244 | Unspecified vulnerability in GE Asset Performance Management Classic 4.4 GE Digital APM Classic, Versions 4.4 and prior. | 7.2 |
| 2020-09-23 | CVE-2020-16240 | Unspecified vulnerability in GE Asset Performance Management Classic 4.4 GE Digital APM Classic, Versions 4.4 and prior. | 5.3 |
| 2020-06-02 | CVE-2020-12017 | Missing Authentication for Critical Function vulnerability in GE Rt430 Firmware, Rt431 Firmware and Rt434 Firmware GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. | 9.8 |
| 2020-04-15 | CVE-2020-6992 | Improper Privilege Management vulnerability in GE Cimplicity A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. | 6.7 |
| 2020-04-07 | CVE-2019-13559 | Use of Hard-coded Credentials vulnerability in GE Mark VIE Controll System GE Mark VIe Controller is shipped with pre-configured hard-coded credentials that may allow root-user access to the controller. | 7.8 |
| 2020-04-07 | CVE-2019-13554 | Unspecified vulnerability in GE Mark VIE Control System GE Mark VIe Controller has an unsecured Telnet protocol that may allow a user to create an authenticated session using generic default credentials. | 8.8 |
| 2020-02-20 | CVE-2020-6977 | Unspecified vulnerability in GE products A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices. low complexity ge | 6.8 |
| 2020-01-23 | CVE-2012-6663 | Insufficiently Protected Credentials vulnerability in GE D200 Firmware and D20Me Firmware General Electric D20ME devices are not properly configured and reveal plaintext passwords. | 7.5 |
| 2019-12-18 | CVE-2019-18267 | Cross-site Scripting vulnerability in GE S2020 Firmware and S2020G Firmware An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. | 5.4 |
| 2019-07-10 | CVE-2019-10966 | Improper Authentication vulnerability in GE products In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms. | 5.3 |