Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06 | Patch Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
05 Jan 2023, 15:59
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-312 | |
References | (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06 - Patch, Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.6 |
First Time |
Ge sd1 Firmware
Ge sd2 Firmware Ge td220x Firmware Ge Ge td220max Ge inet 900 Firmware Ge td220max Firmware Ge sd4 Firmware Ge inet 900 Ge inet Ii 900 Firmware Ge inet Ii 900 Ge sd4 Ge sd1 Ge sd9 Ge td220x Ge sd9 Firmware Ge sd2 |
|
CPE | cpe:2.3:o:ge:sd9_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:td220x_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:td220max:-:*:*:*:*:*:*:* cpe:2.3:h:ge:sd1:-:*:*:*:*:*:*:* cpe:2.3:h:ge:sd9:-:*:*:*:*:*:*:* cpe:2.3:o:ge:sd1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:sd2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:inet_ii_900:-:*:*:*:*:*:*:* cpe:2.3:o:ge:td220max_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:td220x:-:*:*:*:*:*:*:* cpe:2.3:o:ge:sd4_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:inet_900_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:sd4:-:*:*:*:*:*:*:* cpe:2.3:h:ge:inet_900:-:*:*:*:*:*:*:* cpe:2.3:h:ge:sd2:-:*:*:*:*:*:*:* cpe:2.3:o:ge:inet_ii_900_firmware:*:*:*:*:*:*:*:* |
26 Dec 2022, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-26 05:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-24120
Mitre link : CVE-2022-24120
CVE.ORG link : CVE-2022-24120
JSON object : View
Products Affected
ge
- sd1
- sd2_firmware
- sd9_firmware
- inet_ii_900
- sd4_firmware
- sd2
- sd1_firmware
- sd4
- td220max
- td220x
- td220max_firmware
- inet_ii_900_firmware
- td220x_firmware
- sd9
- inet_900_firmware
- inet_900
CWE
CWE-312
Cleartext Storage of Sensitive Information