Vulnerabilities > GE > Rt434 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-03-18 CVE-2020-25193 Use of Hard-coded Credentials vulnerability in GE Rt430 Firmware, Rt431 Firmware and Rt434 Firmware
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection.
network
low complexity
ge CWE-798
5.3
2022-03-18 CVE-2020-25197 Code Injection vulnerability in GE Rt430 Firmware, Rt431 Firmware and Rt434 Firmware
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system.
network
low complexity
ge CWE-94
8.8
2020-06-02 CVE-2020-12017 Missing Authentication for Critical Function vulnerability in GE Rt430 Firmware, Rt431 Firmware and Rt434 Firmware
GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05.
network
low complexity
ge CWE-306
critical
9.8