VDB
CVE-2022-24117
CVE-2022-24117
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.
EPSS 0.12% · 29.8th percentile
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.12%
29.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ge | sd9_firmware | 0 |
| ge | sd4_firmware | 0 |
| ge | sd2_firmware | 0 |
| ge | td220x_firmware | 0 |
| ge | sd1_firmware | 0 |
| n/a | n/a | n/a |
| ge | inet_ii_900_firmware | 0 |
| ge | td220max_firmware | 0 |
| ge | inet_900_firmware | 0 |
Exploit Intelligence
Timeline
- Dec 26, 2022 CVE Published
- Dec 26, 2022 EPSS Score
- Feb 5, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 19, 2023 EPSS Score
- Apr 29, 2023 EPSS Score
- Jun 10, 2023 EPSS Score
- Jul 21, 2023 EPSS Score
- Aug 31, 2023 EPSS Score
- Oct 12, 2023 EPSS Score
- Nov 22, 2023 EPSS Score
- Jan 3, 2024 EPSS Score