← Voltar para CVEs
CVE-2014-5409
N/ADescricao
The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado3/14/2015
Ultima modificacao11/3/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
ge:hydran_m2
Fraquezas (CWE)
CWE-343
Referencias
http://libraries.ge.com/download?fileid=642886573101&entity_id=31955841101&sid=101(ics-cert@hq.dhs.gov)
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-041-02.json(ics-cert@hq.dhs.gov)
https://www.cisa.gov/news-events/ics-advisories/icsa-15-041-02(ics-cert@hq.dhs.gov)
http://libraries.ge.com/download?fileid=642886573101&entity_id=31955841101&sid=101(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-15-041-02(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.