Code Injection Vulnerability in GE Reason GNSS Clocks

Code Injection Vulnerability in GE Reason GNSS Clocks

CVE-2020-25197 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacker to execute arbitrary code on the system.

Learn more about our Web App Pen Testing.