Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.
References
| Link | Resource |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06 | Patch Third Party Advisory US Government Resource |
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06 | Patch Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
History
No history.
Information
Published : 2022-12-26 05:15
Updated : 2025-04-12 00:15
NVD link : CVE-2022-24117
Mitre link : CVE-2022-24117
CVE.ORG link : CVE-2022-24117
JSON object : View
Products Affected
ge
- inet_900
- inet_ii_900
- sd2_firmware
- td220max
- sd9_firmware
- sd4_firmware
- sd2
- inet_900_firmware
- sd4
- td220max_firmware
- td220x_firmware
- inet_ii_900_firmware
- sd9
- td220x
- sd1
- sd1_firmware
CWE
CWE-494
Download of Code Without Integrity Check