This page lists publicly disclosed CVE vulnerabilities affecting ge sd9_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-24120 | Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0. | [email protected] | 4.6 | 0.18% | 2022-12-26 | 2025-04-12 |
| CVE-2022-24119 | Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0. | [email protected] | 9.8 | 0.72% | 2022-12-26 | 2025-04-12 |
| CVE-2022-24118 | Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6. | [email protected] | 9.1 | 0.63% | 2022-12-26 | 2025-04-12 |
| CVE-2022-24117 | Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6. | [email protected] | 9.8 | 0.35% | 2022-12-26 | 2025-04-12 |
| CVE-2022-24116 | Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0. | [email protected] | 9.8 | 0.29% | 2022-12-26 | 2025-04-12 |