Vulnerabilities > GE > SD9 Firmware > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-26 | CVE-2022-24119 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in GE products Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. | 9.8 |
2022-12-26 | CVE-2022-24118 | Resource Exhaustion vulnerability in GE products Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. | 9.1 |
2022-12-26 | CVE-2022-24117 | Download of Code Without Integrity Check vulnerability in GE products Certain General Electric Renewable Energy products download firmware without an integrity check. | 9.8 |
2022-12-26 | CVE-2022-24116 | Inadequate Encryption Strength vulnerability in GE products Certain General Electric Renewable Energy products have inadequate encryption strength. | 9.8 |