CVE-2022-24118
Severity Score
9.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.
Ciertos productos de General Electric Renewable Energy permiten a los atacantes utilizar un código para activar un reinicio en la configuración predeterminada de fábrica. Esto afecta a iNET e iNET II anteriores a 8.3.0, SD anteriores a 6.4.7, TD220X anteriores a 2.0.16 y TD220MAX anteriores a 1.2.6.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-01-28 CVE Reserved
- 2022-12-26 CVE Published
- 2024-08-03 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06 | 2023-01-05 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ge Search vendor "Ge" | Inet 900 Firmware Search vendor "Ge" for product "Inet 900 Firmware" | < 8.3.0 Search vendor "Ge" for product "Inet 900 Firmware" and version " < 8.3.0" | - |
Affected
| in | Ge Search vendor "Ge" | Inet 900 Search vendor "Ge" for product "Inet 900" | - | - |
Safe
|
| Ge Search vendor "Ge" | Inet Ii 900 Firmware Search vendor "Ge" for product "Inet Ii 900 Firmware" | < 8.3.0 Search vendor "Ge" for product "Inet Ii 900 Firmware" and version " < 8.3.0" | - |
Affected
| in | Ge Search vendor "Ge" | Inet Ii 900 Search vendor "Ge" for product "Inet Ii 900" | - | - |
Safe
|
| Ge Search vendor "Ge" | Sd1 Firmware Search vendor "Ge" for product "Sd1 Firmware" | <= 6.4.7 Search vendor "Ge" for product "Sd1 Firmware" and version " <= 6.4.7" | - |
Affected
| in | Ge Search vendor "Ge" | Sd1 Search vendor "Ge" for product "Sd1" | - | - |
Safe
|
| Ge Search vendor "Ge" | Sd2 Firmware Search vendor "Ge" for product "Sd2 Firmware" | < 6.4.7 Search vendor "Ge" for product "Sd2 Firmware" and version " < 6.4.7" | - |
Affected
| in | Ge Search vendor "Ge" | Sd2 Search vendor "Ge" for product "Sd2" | - | - |
Safe
|
| Ge Search vendor "Ge" | Sd4 Firmware Search vendor "Ge" for product "Sd4 Firmware" | < 6.4.7 Search vendor "Ge" for product "Sd4 Firmware" and version " < 6.4.7" | - |
Affected
| in | Ge Search vendor "Ge" | Sd4 Search vendor "Ge" for product "Sd4" | - | - |
Safe
|
| Ge Search vendor "Ge" | Sd9 Firmware Search vendor "Ge" for product "Sd9 Firmware" | < 6.4.7 Search vendor "Ge" for product "Sd9 Firmware" and version " < 6.4.7" | - |
Affected
| in | Ge Search vendor "Ge" | Sd9 Search vendor "Ge" for product "Sd9" | - | - |
Safe
|
| Ge Search vendor "Ge" | Td220max Firmware Search vendor "Ge" for product "Td220max Firmware" | < 1.2.6 Search vendor "Ge" for product "Td220max Firmware" and version " < 1.2.6" | - |
Affected
| in | Ge Search vendor "Ge" | Td220max Search vendor "Ge" for product "Td220max" | - | - |
Safe
|
| Ge Search vendor "Ge" | Td220x Firmware Search vendor "Ge" for product "Td220x Firmware" | < 2.0.16 Search vendor "Ge" for product "Td220x Firmware" and version " < 2.0.16" | - |
Affected
| in | Ge Search vendor "Ge" | Td220x Search vendor "Ge" for product "Td220x" | - | - |
Safe
|