Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rt434_firmware
(Ge)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-18 | CVE-2020-25193 | By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection. | Rt430_firmware, Rt431_firmware, Rt434_firmware | 5.3 | ||
| 2022-03-18 | CVE-2020-25197 | A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system. | Rt430_firmware, Rt431_firmware, Rt434_firmware | 8.8 | ||
| 2020-06-02 | CVE-2020-12017 | GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. The device’s vulnerability in the web application could allow multiple unauthenticated attacks that could cause serious impact. The vulnerability may allow an unauthenticated attacker to execute arbitrary commands and send a request to a specific URL that could cause the device to become unresponsive. The unauthenticated attacker may change the password of the 'configuration' user account,... | Rt430_firmware, Rt431_firmware, Rt434_firmware | N/A |