CVE-2014-5409

EPSS 0.49%
Published 14.03.2015 01:59:00
Last modified 12.04.2025 10:46:40
Source ics-cert@hq.dhs.gov
Teams watchlist Login
Open Login

The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Ge ≫ Hydran M2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.49%	0.645

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://libraries.ge.com/download?fileid=642886573101&entity_id=31955841101&sid=101

https://ics-cert.us-cert.gov/advisories/ICSA-15-041-02

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2014-5409

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-5409

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-5409

EUVD