CVE-2022-24116: Weak Encryption
First published: Mon Dec 26 2022(Updated: )
Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| General Electric Renewable Energy iNET/iNET II series radio firmware | ||
| General Electric Renewable Energy SD series radio firmware | ||
| General Electric Renewable Energy TD220X series radio firmware | ||
| General Electric Renewable Energy TD220MAX series radio firmware | ||
| GE Inet 900 | <8.3.0 | |
| GE Inet 900 Firmware | ||
| General Electric Renewable Energy iNET/iNET II series radio firmware | <8.3.0 | |
| GE INET II 900 Firmware | ||
| GE SD1 | <=6.4.7 | |
| Hametech Hame SD1 Wi-Fi | ||
| GE SD2 | <6.4.7 | |
| GE SD2 | ||
| GE SD4 | <6.4.7 | |
| GE SD4 Firmware | ||
| GE SD9 | <6.4.7 | |
| GE SD9 Firmware | ||
| General Electric Renewable Energy TD220MAX series radio firmware | <1.2.6 | |
| Ge Td220max Firmware | ||
| General Electric Renewable Energy TD220X series radio firmware | <2.0.16 | |
| GE TD220X Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-24116.
Which General Electric (GE) Renewable Energy products are affected by this vulnerability?
This vulnerability affects GE iNET and iNET II products before version 8.3.0.
What is the severity level of CVE-2022-24116?
CVE-2022-24116 has a severity level of 9.8 (critical).
How can I fix this vulnerability?
To fix CVE-2022-24116, update your GE iNET and iNET II products to version 8.3.0 or later.
Where can I find more information about this vulnerability?
You can find more information about CVE-2022-24116 at the following link: [CISA Advisory ICSA-22-090-06](https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06).
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/severity
- agent/references
- agent/event
- agent/trending
- agent/source
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/general electric renewable energy
- canonical/general electric renewable energy inet/inet ii series radio firmware
- canonical/general electric renewable energy sd series radio firmware
- canonical/general electric renewable energy td220x series radio firmware
- canonical/general electric renewable energy td220max series radio firmware
- vendor/ge
- canonical/ge inet 900
- canonical/ge inet 900 firmware
- canonical/ge inet ii 900 firmware
- canonical/ge sd1
- version/ge sd1/6.4.7
- canonical/hametech hame sd1 wi-fi
- canonical/ge sd2
- canonical/ge sd4
- canonical/ge sd4 firmware
- canonical/ge sd9
- canonical/ge sd9 firmware
- canonical/ge td220max firmware
- canonical/ge td220x firmware