Cryptographic Key Exposure Vulnerability in GE Reason RT430, RT431 & RT434 GNSS Clocks

Cryptographic Key Exposure Vulnerability in GE Reason RT430, RT431 & RT434 GNSS Clocks

CVE-2020-25193 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection.

Learn more about our Web Application Penetration Testing UK.