CVE-2022-43977
First published: Tue Jan 17 2023(Updated: )
An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. The debug port accessible via TCP (a qconn service) lacks access control.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ge Ms 3000 Firmware | <3.7.6.25p0_3.2.2.17p0_4.7p0 | |
| Ge Ms 3000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-43977.
What is the severity of CVE-2022-43977?
The severity of CVE-2022-43977 is critical with a CVSS score of 9.8.
Which devices are affected by CVE-2022-43977?
GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0 are affected by CVE-2022-43977.
What is the issue with the affected devices?
The debug port accessible via TCP (a qconn service) lacks access control.
How can I fix CVE-2022-43977?
To fix CVE-2022-43977, update the GE Grid Solutions MS3000 firmware to version 3.7.6.25p0_3.2.2.17p0_4.7p0 or later.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- agent/tags
- agent/first-publish-date
- vendor/ge
- canonical/ge ms 3000 firmware
- canonical/ge ms 3000