Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.
CVSS Information
N/A
Vulnerability Type
口令使用弱密码学算法
Vulnerability Title
多款GE产品安全漏洞
Vulnerability Description
General Electric(GE) Multilin SR 750 Feeder Protection Relay等都是美国通用电气(GE)公司继电器产品。 多款GE产品存在安全漏洞。远程攻击者可利用该漏洞获取用户的弱加密密码,及未授权的访问权限。以下产品和版本受到影响:使用7.47之前版本固件的Multilin SR 750 Feeder Protection Relay;使用7.47版本固件的SR 760 Feeder Protection Relay;使用5.23版本固件的SR 469 Mot
CVSS Information
N/A
Vulnerability Type
N/A