First published: Mon Dec 26 2022(Updated: )
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ge Inet 900 Firmware | <8.3.0 | |
Ge Inet 900 | ||
Ge Inet Ii 900 Firmware | <8.3.0 | |
Ge Inet Ii 900 | ||
Ge Sd1 Firmware | <=6.4.7 | |
Ge Sd1 | ||
Ge Sd2 Firmware | <6.4.7 | |
Ge Sd2 | ||
Ge Sd4 Firmware | <6.4.7 | |
Ge Sd4 | ||
Ge Sd9 Firmware | <6.4.7 | |
Ge Sd9 | ||
Ge Td220max Firmware | <1.2.6 | |
Ge Td220max | ||
Ge Td220x Firmware | <2.0.16 | |
Ge Td220x | ||
General Electric Renewable Energy iNET/iNET II series radio firmware versions prior to rev. 8.3.0 | ||
General Electric Renewable Energy SD series radio firmware versions prior to rev. 6.4.7 | ||
General Electric Renewable Energy TD220X series radio firmware versions prior to rev. 2.0.16 | ||
General Electric Renewable Energy TD220MAX series radio firmware versions prior to rev. 1.2.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-24118 is a vulnerability that allows attackers to use a code to trigger a reboot into the factory default configuration in certain General Electric Renewable Energy products.
CVE-2022-24118 affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.
CVE-2022-24118 has a severity rating of 9.1 (critical).
Attackers can exploit CVE-2022-24118 by using a code to trigger a reboot into the factory default configuration.
To fix CVE-2022-24118, update the affected General Electric Renewable Energy products to versions higher than the vulnerable ones mentioned.