MEDIUM🇵🇱 Wersja polska

CVE-2014-5409

CVSS 6.4v2.0pub. 2015-03-14upd. 2026-05-06

The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:N/A:P
  • Ge Hydran M2

    HW
    Ge
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-5908CRITICAL9.1PL ✓ten sam vendor

Buffer overflow w KEPServerEX umożliwiający crash lub wyciek danych

CVE-2022-2848CRITICAL9.1ten sam vendor

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2022-2825CRITICAL9.8ten sam vendor

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2023-0754CRITICAL9.8ten sam vendor

The affected products are vulnerable to an integer overflow or wraparound, which could  allow an attacker to ...

CVE-2023-0755CRITICAL9.8ten sam vendor

The affected products are vulnerable to an improper validation of array index, which could allow an attacker ...