Vulnerability: Unauthorized Reboot to Factory Default Configuration in General Electric Renewable Energy Products

Vulnerability: Unauthorized Reboot to Factory Default Configuration in General Electric Renewable Energy Products

CVE-2022-24118 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.

Learn more about our Web Application Penetration Testing UK.