RSS   Vulnerabilities for
'Multilin universal relay firmware'
   RSS

2017-06-29
 
CVE-2017-7905

CWE-522
 

 
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.

 

 >>> Vendor: GE 81 Products
Communicator
Cimplicity
IFIX
Intelligent platforms proficy historian
Intelligent platforms proficy plant applications
Intelligent platforms proficy real-time information porta
Intelligent platforms proficy hmi%2Fscada ifix
Intelligent platforms proficy batch execution
Intelligent platforms si7 i%2Fo driver
Intelligent platforms proficy pulse
Intelligent platforms proficy hmi/scada ifix
Intelligent platforms si7 i/o driver
Intelligent platforms proficy real-time information portal
Intelligent platforms proficy hmi/scada cimplicity
Intelligent platforms proficy process systems with cimplicity
Intelligent platforms proficy process systems
Intelligent platforms proficy dnp3 i/o driver
Intelligent platforms proficy hmi%2fscada cimplicity
Multilink ml1200
Multilink ml1600
Multilink ml2400
Multilink ml3000
Multilink ml3100
Multilink ml800
Multilink ml810
Multilink ml1200 firmware
Multilink ml1600 firmware
Multilink ml2400 firmware
Multilink ml3000 firmware
Multilink ml3100 firmware
Multilink ml800 firmware
Multilink ml810 firmware
12400 level transmitter device type manager
Svi ii ap positioner device type manager
Vector device type manager
Hydran m2
Healtcare millennium mg firmware
Healtcare millennium myosight firmware
Healtcare millennium nc firmware
Healthcare millennium mg firmware
Healthcare millennium myosight firmware
Healthcare millennium nc firmware
Mds pulsenet
Ups snmp web adapter firmware
Snmp web adapter firmware
Multilink firmware
Bently nevada 3500/22m serial firmware
Bently nevada 3500/22m usb firmware
Multilin sr 489 generator protection relay firmware
Multilin urplus c90 firmware
Multilin urplus d90 firmware
Multilin sr 745 transformer protection relay firmware
Multilin sr 760 feeder protection relay firmware
Multilin universal relay firmware
Multilin sr 369 motor protection relay firmware
Multilin urplus b95 firmware
Multilin sr 750 feeder protection relay firmware
Multilin sr 469 motor protection relay firmware
D60 line distance relay firmware
Gemnet license server
Xeleris
Infinia hawkeye 4 firmware
Centricity pacs ra1000
Pacsystems cpu320 firmware
Pacsystems cru320 firmware
Pacsystems rsti-ep cpe 100 firmware
Pacsystems rx3i cpe305 firmware
Pacsystems rx3i cpe310 firmware
Pacsystems rxi firmware
Rx3i cpe330 firmware
Rx3i cpe 400 firmware
Snmp/web adapter firmware
Ge communicator
Aespire 7100 firmware
Aespire 7900 firmware
Aestiva 7100 firmware
Aestiva 7900 firmware
Mark vie controll system
Mark vie control system
Industrial gateway server
Ur bootloader binary


Copyright 2024, cxsecurity.com

 

Back to Top