CVE-2022-24117

critical

Description

Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06

Details

Source: Mitre, NVD

Published: 2022-12-26

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical