Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-7905 (GCVE-0-2017-7905)
Vulnerability from cvelistv5
Published
2017-06-30 02:35
Modified
2024-08-05 16:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.
References
| URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | GE Multilin SR, UR, and URplus Protective Relays |
Version: GE Multilin SR, UR, and URplus Protective Relays |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:19:29.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98063",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98063"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "GE Multilin SR, UR, and URplus Protective Relays",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "GE Multilin SR, UR, and URplus Protective Relays"
}
]
}
],
"datePublic": "2017-06-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-261",
"description": "CWE-261",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T09:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "98063",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98063"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-7905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GE Multilin SR, UR, and URplus Protective Relays",
"version": {
"version_data": [
{
"version_value": "GE Multilin SR, UR, and URplus Protective Relays"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-261"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98063",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98063"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-7905",
"datePublished": "2017-06-30T02:35:00",
"dateReserved": "2017-04-18T00:00:00",
"dateUpdated": "2024-08-05T16:19:29.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-7905\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2017-06-30T03:29:00.890\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema de criptograf\u00eda d\u00e9bil para contrase\u00f1as en General Electric (GE) Multilin SR 750 Feeder Protection Relay con versiones de firmware anteriores a la versi\u00f3n 7.47.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-261\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-326\"},{\"lang\":\"en\",\"value\":\"CWE-330\"},{\"lang\":\"en\",\"value\":\"CWE-522\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_sr_750_feeder_protection_relay_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.02\",\"matchCriteriaId\":\"F9CDB455-F6F8-4976-95D2-88D21720DE88\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_sr_750_feeder_protection_relay:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E636C33-148B-4C26-96B3-CA0D1575C26D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_sr_760_feeder_protection_relay_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.02\",\"matchCriteriaId\":\"FDE8714B-96AC-4A85-ADCC-D00F54803596\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_sr_760_feeder_protection_relay:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22504FF2-C1B7-406C-B253-ED7982A624D5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_sr_469_motor_protection_relay_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.90\",\"matchCriteriaId\":\"9928DE28-CE5A-4AC2-A956-D128764720BA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_sr_469_motor_protection_relay:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6A23088-B5C4-4B0A-9E92-12946555C8A0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_sr_489_generator_protection_relay_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.53\",\"matchCriteriaId\":\"8766AA67-18A8-4440-BED6-E6BBDF3EF78D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_sr_489_generator_protection_relay:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E899C89E-89EE-4FC1-809D-E6DB04989B28\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_sr_745_transformer_protection_relay_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.85\",\"matchCriteriaId\":\"F032369D-581E-4FCA-85CA-B932CB1E821D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_sr_745_transformer_protection_relay:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA36A160-426F-4911-9CF3-28E496AEDDB7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_sr_369_motor_protection_relay_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F15979-2C0D-4DD6-BA35-C5300EEF752D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_sr_369_motor_protection_relay:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CA749D2-FCF4-4936-84AA-EF317BB6DEEB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_universal_relay_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.0\",\"matchCriteriaId\":\"C329C25F-D48E-4B39-8FDB-88CE14E1D285\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_universal_relay:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84392E96-D1C4-438C-ABA9-DE1384623D5A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_urplus_d90_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36F9ACC9-EDE7-42E8-AF34-057EA862147D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_urplus_d90:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C697E8E-28F2-43F9-9B7D-0BF939B2F220\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_urplus_c90_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBEF4ACF-7851-4EA2-B6E8-D60DB0BC660B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_urplus_c90:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E16FE6EA-BB44-4B73-BFA5-30E1ADF5D522\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ge:multilin_urplus_b95_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11D188B6-4ADD-4FA6-9FF4-35B813911398\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ge:multilin_urplus_b95:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93C57507-A23D-4DF7-9D9B-3531F2235132\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/98063\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/98063\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
ICSA-17-117-01B
Vulnerability from csaf_cisa
Published
2017-04-27 00:00
Modified
2017-07-25 00:00
Summary
GE Multilin SR, UR, and URplus Protective Relays (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
ATTENTION: Remotely exploitable/low skill level to exploit.
Critical infrastructure sectors
Chemical, Critical Manufacturing, Dams, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Boston, Massachusetts
Recommended Practices
NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.
Recommended Practices
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target this vulnerability.
{
"document": {
"acknowledgments": [
{
"organization": "GE",
"summary": "reporting the vulnerability to ICS-CERT"
},
{
"names": [
"Anastasis Keliris",
"Charalambos Konstantinou",
"Marios Sazos",
"Dr. Michail (Mihalis) Maniatakos"
],
"organization": "New York University",
"summary": "initially identifying the vulnerability"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Chemical, Critical Manufacturing, Dams, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Boston, Massachusetts",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target this vulnerability.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-17-117-01B JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-117-01b.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-17-117-01B Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-117-01b"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-117-01b"
}
],
"title": "GE Multilin SR, UR, and URplus Protective Relays (Update B)",
"tracking": {
"current_release_date": "2017-07-25T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-17-117-01B",
"initial_release_date": "2017-04-27T00:00:00.000000Z",
"revision_history": [
{
"date": "2017-04-27T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-17-117-01 GE Multilin SR Protective Relays"
},
{
"date": "2017-05-18T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-17-117-01A GE Multilin SR, UR, and URplus Protective Relays (Update A)"
},
{
"date": "2017-07-25T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-17-117-01B GE Multilin SR, UR, and URplus Protective Relays (Update B)"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "URplus (D90 C90 B95): all versions",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "URplus (D90 C90 B95)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.27",
"product": {
"name": "MX350 Relay firmware: versions prior to Version 1.27",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "MX350 Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.06",
"product": {
"name": "489 Generator Protection Relay firmware: versions prior to Version 4.06",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "489 Generator Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "3.63",
"product": {
"name": "369 Motor Protection Relay: Version 3.63",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "369 Motor Protection Relay"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 5.23",
"product": {
"name": "469 Motor Protection Relay firmware: versions prior to Version 5.23",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "469 Motor Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "1.86",
"product": {
"name": "URplus firmware: Version 1.86",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "URplus firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 3.63",
"product": {
"name": "369 Motor Protection Relay firmware: versions prior to Version 3.63",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "369 Motor Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 03A02",
"product": {
"name": "T1000 Switch firmware: versions prior to Version 03A02",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "T1000 Switch firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.25",
"product": {
"name": "MM200 Motor Management System firmware: versions prior to Version 1.25",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "MM200 Motor Management System firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "4.06",
"product": {
"name": "489 Generator Protection Relay: Version 4.06",
"product_id": "CSAFPID-00010"
}
}
],
"category": "product_name",
"name": "489 Generator Protection Relay"
},
{
"branches": [
{
"category": "product_version",
"name": "7.47",
"product": {
"name": "750 Feeder Protection Relay: Version 7.47",
"product_id": "CSAFPID-00011"
}
}
],
"category": "product_name",
"name": "750 Feeder Protection Relay"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 6.02 | \u003c= 6.05",
"product": {
"name": "Universal Relay firmware: Version 6.02 to 6.05",
"product_id": "CSAFPID-00012"
}
}
],
"category": "product_name",
"name": "Universal Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.29",
"product": {
"name": "RPTCS firmware: versions prior to Version 1.29",
"product_id": "CSAFPID-00013"
}
}
],
"category": "product_name",
"name": "RPTCS firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "6.02 (excluding Version 5.83 Version 5.92 and all subsequent minor releases)",
"product": {
"name": "Universal Relay firmware: Version 6.02 (excluding Version 5.83 Version 5.92 and all subsequent minor releases)",
"product_id": "CSAFPID-00014"
}
}
],
"category": "product_name",
"name": "Universal Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "5.83",
"product": {
"name": "Universal Relay firmware: Version 5.83",
"product_id": "CSAFPID-00015"
}
}
],
"category": "product_name",
"name": "Universal Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 7.47",
"product": {
"name": "760 Feeder Protection Relay firmware: versions prior to Version 7.47",
"product_id": "CSAFPID-00016"
}
}
],
"category": "product_name",
"name": "760 Feeder Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "7.47",
"product": {
"name": "760 Feeder Protection Relay: Version 7.47",
"product_id": "CSAFPID-00017"
}
}
],
"category": "product_name",
"name": "760 Feeder Protection Relay"
},
{
"branches": [
{
"category": "product_version",
"name": "1.03",
"product": {
"name": "B95Plus firmware: Version 1.03",
"product_id": "CSAFPID-00018"
}
}
],
"category": "product_name",
"name": "B95Plus firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 2.30",
"product": {
"name": "339 Motor Protection Relay firmware: versions prior to Version 2.30",
"product_id": "CSAFPID-00019"
}
}
],
"category": "product_name",
"name": "339 Motor Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 2.30",
"product": {
"name": "350 Feeder Protection Relay firmware: versions prior to Version 2.30",
"product_id": "CSAFPID-00020"
}
}
],
"category": "product_name",
"name": "350 Feeder Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 2.30",
"product": {
"name": "345 Transformer Protection Relay firmware: versions prior to Version 2.30",
"product_id": "CSAFPID-00021"
}
}
],
"category": "product_name",
"name": "345 Transformer Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "5.23",
"product": {
"name": "469 Motor Protection Relay: Version 5.23",
"product_id": "CSAFPID-00022"
}
}
],
"category": "product_name",
"name": "469 Motor Protection Relay"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.71",
"product": {
"name": "MM300 Motor Management Relay firmware: versions prior to Version 1.71",
"product_id": "CSAFPID-00023"
}
}
],
"category": "product_name",
"name": "MM300 Motor Management Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "5.92",
"product": {
"name": "Universal Relay firmware: Version 5.92",
"product_id": "CSAFPID-00024"
}
}
],
"category": "product_name",
"name": "Universal Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 7.47",
"product": {
"name": "750 Feeder Protection Relay firmware: versions prior to Version 7.47",
"product_id": "CSAFPID-00025"
}
}
],
"category": "product_name",
"name": "750 Feeder Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 5.23",
"product": {
"name": "745 Transformer Protection Relay firmware: versions prior to Version 5.23",
"product_id": "CSAFPID-00026"
}
}
],
"category": "product_name",
"name": "745 Transformer Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "5.23",
"product": {
"name": "745 Transformer Protection Relay: Version 5.23",
"product_id": "CSAFPID-00027"
}
}
],
"category": "product_name",
"name": "745 Transformer Protection Relay"
},
{
"branches": [
{
"category": "product_version",
"name": "1.92",
"product": {
"name": "URplus firmware: Version 1.92",
"product_id": "CSAFPID-00028"
}
}
],
"category": "product_name",
"name": "URplus firmware"
}
],
"category": "vendor",
"name": "General Electric (GE)"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-7905",
"cwe": {
"id": "CWE-261",
"name": "Weak Encoding for Password"
},
"notes": [
{
"category": "summary",
"text": "Cipher text versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Cipher text of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.CVE-2017-7905 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7905"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "GE\u0027s download link for 760 Feeder Protection Relay, Version 7.47 is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=750\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 750 Feeder Protection Relay, Version 7.47 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=750\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 745 Transformer Protection Relay, Version 5.23 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=745\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 489 Generator Protection Relay, Version 4.06 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=489\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 469 Motor Protection Relay, Version 5.23 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=469\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 369 Motor Protection Relay, Version 3.63 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=369\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE security advisory, UR-2017-00001 Multilin UR/URPlus Family of Protective Relays, is available at the following location, with a valid account:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/ViewFiles.aspx?prod=t60\u0026type=21"
},
{
"category": "mitigation",
"details": "GE had identified additional legacy products that have the same vulnerability as the SR protective relays and in response, has released the following updated firmware versions:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the MM300 Motor Management Relay, firmware Version 1.71 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3dMM300%26type%3d7%26file%3d2"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/mm300/GER-4807.pdf"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the MM200 Motor Management System, firmware Version 1.25 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3dMm200%26type%3d7%26file%3d3"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/mm200/GER-4801.pdf"
},
{
"category": "mitigation",
"details": "MX350 Relay, firmware versions prior to Version 1.27,",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "For more information about the availability of this firmware version, contact GE\u0027s support:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/multilin/support.aspx"
},
{
"category": "mitigation",
"details": "RPTCS, firmware versions prior to Version 1.29,",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "For more information about the availability of this firmware version, contact GE\u0027s support:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/multilin/support.aspx"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the 350 Feeder Protection Relay, firmware Version 2.30 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3d350%26type%3d7%26file%3d3"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/3Series/GER-4791.pdf"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the 345 Transformer Protection Relay, firmware Version 2.30, is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3d345%26type%3d7%26file%3d2"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/3Series/GER-4791.pdf"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the 339 Motor Protection Relay, firmware Version 2.30, is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3d339%26type%3d7%26file%3d2"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/3Series/GER-4791.pdf"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the T1000 Switch, firmware Version 03A02 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3dS20-T1000%26type%3d7%26file%3d3"
},
{
"category": "mitigation",
"details": "GE UR firmware versions 7.xx are not affected. GE has released updates that remove the ability to obtain the password cipher text in the following firmware versions:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Universal Relay: firmware Version 5.83",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Universal Relay: firmware Version 5.92",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Universal Relay: firmware Version 6.02 to 6.05",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "The Universal Relay firmware is available at the following location:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "https://www.gegridsolutions.com/app/ViewFiles.aspx?prod=urfamily\u0026type=7"
},
{
"category": "mitigation",
"details": "GE reports that the URplus platform will have firmware updates released in July 2017 for the following product versions:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "URplus: firmware Version 1.86",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "URplus: firmware Version 1.92",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "B95Plus: firmware Version 1.03",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "GE recommends that users apply updated firmware versions to affected products, as well as implement the following physical security and network security defensive measures:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Control access to affected products by keeping devices in a locked and secure environment,",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Remove passwords when decommissioning devices,",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Monitor and block malicious network activity, and",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Implement appropriate network segmentation and place affected devices within the control system network, behind properly configured firewalls. Protection and Control system devices should not be directly connected to the Internet or business networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "GE security advisory, SR-2017-00001 Multilin SR Family of Protective Relays, is available at the following location, with a valid account:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "https://www.gegridsolutions.com/app/ViewFiles.aspx?prod=750\u0026type=21"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
}
]
}
]
}
icsa-17-117-01b
Vulnerability from csaf_cisa
Published
2017-04-27 00:00
Modified
2017-07-25 00:00
Summary
GE Multilin SR, UR, and URplus Protective Relays (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
ATTENTION: Remotely exploitable/low skill level to exploit.
Critical infrastructure sectors
Chemical, Critical Manufacturing, Dams, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Boston, Massachusetts
Recommended Practices
NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.
Recommended Practices
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target this vulnerability.
{
"document": {
"acknowledgments": [
{
"organization": "GE",
"summary": "reporting the vulnerability to ICS-CERT"
},
{
"names": [
"Anastasis Keliris",
"Charalambos Konstantinou",
"Marios Sazos",
"Dr. Michail (Mihalis) Maniatakos"
],
"organization": "New York University",
"summary": "initially identifying the vulnerability"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Chemical, Critical Manufacturing, Dams, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Boston, Massachusetts",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target this vulnerability.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-17-117-01B JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-117-01b.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-17-117-01B Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-117-01b"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-117-01b"
}
],
"title": "GE Multilin SR, UR, and URplus Protective Relays (Update B)",
"tracking": {
"current_release_date": "2017-07-25T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-17-117-01B",
"initial_release_date": "2017-04-27T00:00:00.000000Z",
"revision_history": [
{
"date": "2017-04-27T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-17-117-01 GE Multilin SR Protective Relays"
},
{
"date": "2017-05-18T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-17-117-01A GE Multilin SR, UR, and URplus Protective Relays (Update A)"
},
{
"date": "2017-07-25T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-17-117-01B GE Multilin SR, UR, and URplus Protective Relays (Update B)"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "URplus (D90 C90 B95): all versions",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "URplus (D90 C90 B95)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.27",
"product": {
"name": "MX350 Relay firmware: versions prior to Version 1.27",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "MX350 Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.06",
"product": {
"name": "489 Generator Protection Relay firmware: versions prior to Version 4.06",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "489 Generator Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "3.63",
"product": {
"name": "369 Motor Protection Relay: Version 3.63",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "369 Motor Protection Relay"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 5.23",
"product": {
"name": "469 Motor Protection Relay firmware: versions prior to Version 5.23",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "469 Motor Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "1.86",
"product": {
"name": "URplus firmware: Version 1.86",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "URplus firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 3.63",
"product": {
"name": "369 Motor Protection Relay firmware: versions prior to Version 3.63",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "369 Motor Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 03A02",
"product": {
"name": "T1000 Switch firmware: versions prior to Version 03A02",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "T1000 Switch firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.25",
"product": {
"name": "MM200 Motor Management System firmware: versions prior to Version 1.25",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "MM200 Motor Management System firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "4.06",
"product": {
"name": "489 Generator Protection Relay: Version 4.06",
"product_id": "CSAFPID-00010"
}
}
],
"category": "product_name",
"name": "489 Generator Protection Relay"
},
{
"branches": [
{
"category": "product_version",
"name": "7.47",
"product": {
"name": "750 Feeder Protection Relay: Version 7.47",
"product_id": "CSAFPID-00011"
}
}
],
"category": "product_name",
"name": "750 Feeder Protection Relay"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 6.02 | \u003c= 6.05",
"product": {
"name": "Universal Relay firmware: Version 6.02 to 6.05",
"product_id": "CSAFPID-00012"
}
}
],
"category": "product_name",
"name": "Universal Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.29",
"product": {
"name": "RPTCS firmware: versions prior to Version 1.29",
"product_id": "CSAFPID-00013"
}
}
],
"category": "product_name",
"name": "RPTCS firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "6.02 (excluding Version 5.83 Version 5.92 and all subsequent minor releases)",
"product": {
"name": "Universal Relay firmware: Version 6.02 (excluding Version 5.83 Version 5.92 and all subsequent minor releases)",
"product_id": "CSAFPID-00014"
}
}
],
"category": "product_name",
"name": "Universal Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "5.83",
"product": {
"name": "Universal Relay firmware: Version 5.83",
"product_id": "CSAFPID-00015"
}
}
],
"category": "product_name",
"name": "Universal Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 7.47",
"product": {
"name": "760 Feeder Protection Relay firmware: versions prior to Version 7.47",
"product_id": "CSAFPID-00016"
}
}
],
"category": "product_name",
"name": "760 Feeder Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "7.47",
"product": {
"name": "760 Feeder Protection Relay: Version 7.47",
"product_id": "CSAFPID-00017"
}
}
],
"category": "product_name",
"name": "760 Feeder Protection Relay"
},
{
"branches": [
{
"category": "product_version",
"name": "1.03",
"product": {
"name": "B95Plus firmware: Version 1.03",
"product_id": "CSAFPID-00018"
}
}
],
"category": "product_name",
"name": "B95Plus firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 2.30",
"product": {
"name": "339 Motor Protection Relay firmware: versions prior to Version 2.30",
"product_id": "CSAFPID-00019"
}
}
],
"category": "product_name",
"name": "339 Motor Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 2.30",
"product": {
"name": "350 Feeder Protection Relay firmware: versions prior to Version 2.30",
"product_id": "CSAFPID-00020"
}
}
],
"category": "product_name",
"name": "350 Feeder Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 2.30",
"product": {
"name": "345 Transformer Protection Relay firmware: versions prior to Version 2.30",
"product_id": "CSAFPID-00021"
}
}
],
"category": "product_name",
"name": "345 Transformer Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "5.23",
"product": {
"name": "469 Motor Protection Relay: Version 5.23",
"product_id": "CSAFPID-00022"
}
}
],
"category": "product_name",
"name": "469 Motor Protection Relay"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.71",
"product": {
"name": "MM300 Motor Management Relay firmware: versions prior to Version 1.71",
"product_id": "CSAFPID-00023"
}
}
],
"category": "product_name",
"name": "MM300 Motor Management Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "5.92",
"product": {
"name": "Universal Relay firmware: Version 5.92",
"product_id": "CSAFPID-00024"
}
}
],
"category": "product_name",
"name": "Universal Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 7.47",
"product": {
"name": "750 Feeder Protection Relay firmware: versions prior to Version 7.47",
"product_id": "CSAFPID-00025"
}
}
],
"category": "product_name",
"name": "750 Feeder Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 5.23",
"product": {
"name": "745 Transformer Protection Relay firmware: versions prior to Version 5.23",
"product_id": "CSAFPID-00026"
}
}
],
"category": "product_name",
"name": "745 Transformer Protection Relay firmware"
},
{
"branches": [
{
"category": "product_version",
"name": "5.23",
"product": {
"name": "745 Transformer Protection Relay: Version 5.23",
"product_id": "CSAFPID-00027"
}
}
],
"category": "product_name",
"name": "745 Transformer Protection Relay"
},
{
"branches": [
{
"category": "product_version",
"name": "1.92",
"product": {
"name": "URplus firmware: Version 1.92",
"product_id": "CSAFPID-00028"
}
}
],
"category": "product_name",
"name": "URplus firmware"
}
],
"category": "vendor",
"name": "General Electric (GE)"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-7905",
"cwe": {
"id": "CWE-261",
"name": "Weak Encoding for Password"
},
"notes": [
{
"category": "summary",
"text": "Cipher text versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Cipher text of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.CVE-2017-7905 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7905"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "GE\u0027s download link for 760 Feeder Protection Relay, Version 7.47 is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=750\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 750 Feeder Protection Relay, Version 7.47 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=750\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 745 Transformer Protection Relay, Version 5.23 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=745\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 489 Generator Protection Relay, Version 4.06 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=489\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 469 Motor Protection Relay, Version 5.23 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=469\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for 369 Motor Protection Relay, Version 3.63 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=369\u0026type=7\u0026file=2"
},
{
"category": "mitigation",
"details": "GE security advisory, UR-2017-00001 Multilin UR/URPlus Family of Protective Relays, is available at the following location, with a valid account:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/app/ViewFiles.aspx?prod=t60\u0026type=21"
},
{
"category": "mitigation",
"details": "GE had identified additional legacy products that have the same vulnerability as the SR protective relays and in response, has released the following updated firmware versions:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the MM300 Motor Management Relay, firmware Version 1.71 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3dMM300%26type%3d7%26file%3d2"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/mm300/GER-4807.pdf"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the MM200 Motor Management System, firmware Version 1.25 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3dMm200%26type%3d7%26file%3d3"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/mm200/GER-4801.pdf"
},
{
"category": "mitigation",
"details": "MX350 Relay, firmware versions prior to Version 1.27,",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "For more information about the availability of this firmware version, contact GE\u0027s support:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/multilin/support.aspx"
},
{
"category": "mitigation",
"details": "RPTCS, firmware versions prior to Version 1.29,",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "For more information about the availability of this firmware version, contact GE\u0027s support:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/multilin/support.aspx"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the 350 Feeder Protection Relay, firmware Version 2.30 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3d350%26type%3d7%26file%3d3"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/3Series/GER-4791.pdf"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the 345 Transformer Protection Relay, firmware Version 2.30, is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3d345%26type%3d7%26file%3d2"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/3Series/GER-4791.pdf"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the 339 Motor Protection Relay, firmware Version 2.30, is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3d339%26type%3d7%26file%3d2"
},
{
"category": "mitigation",
"details": "GE\u0027s release notification is as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/products/support/3Series/GER-4791.pdf"
},
{
"category": "mitigation",
"details": "GE\u0027s download link for the T1000 Switch, firmware Version 03A02 is as follows (login required):",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "http://www.gegridsolutions.com/Passport/Login.aspx?ReturnUrl=%2fapp%2fDownloadFile.aspx%3fprod%3dS20-T1000%26type%3d7%26file%3d3"
},
{
"category": "mitigation",
"details": "GE UR firmware versions 7.xx are not affected. GE has released updates that remove the ability to obtain the password cipher text in the following firmware versions:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Universal Relay: firmware Version 5.83",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Universal Relay: firmware Version 5.92",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Universal Relay: firmware Version 6.02 to 6.05",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "The Universal Relay firmware is available at the following location:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "https://www.gegridsolutions.com/app/ViewFiles.aspx?prod=urfamily\u0026type=7"
},
{
"category": "mitigation",
"details": "GE reports that the URplus platform will have firmware updates released in July 2017 for the following product versions:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "URplus: firmware Version 1.86",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "URplus: firmware Version 1.92",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "B95Plus: firmware Version 1.03",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "GE recommends that users apply updated firmware versions to affected products, as well as implement the following physical security and network security defensive measures:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Control access to affected products by keeping devices in a locked and secure environment,",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Remove passwords when decommissioning devices,",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Monitor and block malicious network activity, and",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "Implement appropriate network segmentation and place affected devices within the control system network, behind properly configured firewalls. Protection and Control system devices should not be directly connected to the Internet or business networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
},
{
"category": "mitigation",
"details": "GE security advisory, SR-2017-00001 Multilin SR Family of Protective Relays, is available at the following location, with a valid account:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
],
"url": "https://www.gegridsolutions.com/app/ViewFiles.aspx?prod=750\u0026type=21"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028"
]
}
]
}
]
}
gsd-2017-7905
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-7905",
"description": "A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.",
"id": "GSD-2017-7905"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-7905"
],
"details": "A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.",
"id": "GSD-2017-7905",
"modified": "2023-12-13T01:21:06.844039Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-7905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "GE Multilin SR, UR, and URplus Protective Relays",
"version": {
"version_data": [
{
"version_value": "GE Multilin SR, UR, and URplus Protective Relays"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-261"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98063",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98063"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_sr_750_feeder_protection_relay_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.02",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_sr_750_feeder_protection_relay:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_sr_760_feeder_protection_relay_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.02",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_sr_760_feeder_protection_relay:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_sr_469_motor_protection_relay_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.90",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_sr_469_motor_protection_relay:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_sr_489_generator_protection_relay_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.53",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_sr_489_generator_protection_relay:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_sr_745_transformer_protection_relay_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.85",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_sr_745_transformer_protection_relay:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_sr_369_motor_protection_relay_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_sr_369_motor_protection_relay:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_universal_relay_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_universal_relay:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_urplus_d90_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_urplus_d90:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_urplus_c90_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_urplus_c90:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:ge:multilin_urplus_b95_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ge:multilin_urplus_b95:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-7905"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
},
{
"lang": "en",
"value": "CWE-330"
},
{
"lang": "en",
"value": "CWE-522"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A"
},
{
"name": "98063",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98063"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-10-09T23:29Z",
"publishedDate": "2017-06-30T03:29Z"
}
}
}
var-201706-0659
Vulnerability from variot
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands. plural General Electric (GE) The product contains cryptographic vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The GE Multilin SR Relay Protector has an unauthorized access vulnerability that allows an attacker to gain access to a user password from a front panel or Modbus command and gain unauthorized access to GE MultilinSR Series Relay Protector products. GE 750 Feeder Protection Relay and others are relay products of General Electric (GE) of the United States. Security vulnerabilities exist in several GE products due to weak passwords used by programs. An attacker could exploit this vulnerability to gain access to the system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0659",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "multilin urplus b95",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": null
},
{
"model": "multilin sr 369 motor protection relay",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": null
},
{
"model": "multilin urplus d90",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": null
},
{
"model": "multilin urplus c90",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": null
},
{
"model": "multilin sr 750 feeder protection relay",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "5.02"
},
{
"model": "multilin sr 489 generator protection relay",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "1.53"
},
{
"model": "multilin sr 760 feeder protection relay",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "5.02"
},
{
"model": "multilin sr 745 transformer protection relay",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "2.85"
},
{
"model": "multilin universal relay",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "6.0"
},
{
"model": "multilin sr 469 motor protection relay",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "2.90"
},
{
"model": "sr 369 motor protection relay",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"model": "sr 469 motor protection relay",
"scope": "lt",
"trust": 0.8,
"vendor": "general electric",
"version": "5.23"
},
{
"model": "sr 489 generator protection relay",
"scope": "lt",
"trust": 0.8,
"vendor": "general electric",
"version": "4.06"
},
{
"model": "sr 745 transformer protection relay",
"scope": "lt",
"trust": 0.8,
"vendor": "general electric",
"version": "5.23"
},
{
"model": "sr 750 feeder protection relay",
"scope": "lt",
"trust": 0.8,
"vendor": "general electric",
"version": "7.47"
},
{
"model": "sr 760 feeder protection relay",
"scope": "lt",
"trust": 0.8,
"vendor": "general electric",
"version": "7.47"
},
{
"model": "universal relay",
"scope": "lte",
"trust": 0.8,
"vendor": "general electric",
"version": "6.0"
},
{
"model": "urplus b95",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"model": "urplus c90",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"model": "urplus d90",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": null
},
{
"model": "feeder protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "750\u003c7.47"
},
{
"model": "feeder protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "760\u003c7.47"
},
{
"model": "motor protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "469\u003c5.23"
},
{
"model": "generator protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "489\u003c4.06"
},
{
"model": "transformer protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "745\u003c5.23"
},
{
"model": "feeder protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "750"
},
{
"model": "feeder protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "760"
},
{
"model": "transformer protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "745"
},
{
"model": "generator protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "489"
},
{
"model": "motor protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "469"
},
{
"model": "motor protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "369"
},
{
"model": "multilin sr 489 generator protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "1.53"
},
{
"model": "multilin sr 750 feeder protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "5.02"
},
{
"model": "multilin sr 745 transformer protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "2.85"
},
{
"model": "multilin sr 469 motor protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "2.90"
},
{
"model": "multilin universal relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "6.0"
},
{
"model": "multilin sr 760 feeder protection relay",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "5.02"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin sr 750 feeder protection relay",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin urplus b95",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin sr 760 feeder protection relay",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin sr 469 motor protection relay",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin sr 489 generator protection relay",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin sr 745 transformer protection relay",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin sr 369 motor protection relay",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin universal relay",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin urplus d90",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "multilin urplus c90",
"version": null
},
{
"model": "feeder protection relay",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "7600"
},
{
"model": "feeder protection relay",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "7500"
},
{
"model": "transformer protection relay",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "7450"
},
{
"model": "generator protection relay",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "4890"
},
{
"model": "motor protection relay",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "4690"
},
{
"model": "motor protection relay",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "3690"
},
{
"model": "feeder protection relay",
"scope": "ne",
"trust": 0.3,
"vendor": "ge",
"version": "7607.47"
},
{
"model": "feeder protection relay",
"scope": "ne",
"trust": 0.3,
"vendor": "ge",
"version": "7507.47"
},
{
"model": "transformer protection relay",
"scope": "ne",
"trust": 0.3,
"vendor": "ge",
"version": "7455.23"
},
{
"model": "generator protection relay",
"scope": "ne",
"trust": 0.3,
"vendor": "ge",
"version": "4894.06"
},
{
"model": "motor protection relay",
"scope": "ne",
"trust": 0.3,
"vendor": "ge",
"version": "4695.23"
}
],
"sources": [
{
"db": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c"
},
{
"db": "IVD",
"id": "d9b1473e-6988-4096-86db-42efea36309a"
},
{
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"db": "BID",
"id": "98063"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-173"
},
{
"db": "NVD",
"id": "CVE-2017-7905"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ge:multilin_sr_369_motor_protection_relay_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ge:multilin_sr_469_motor_protection_relay_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ge:multilin_sr_489_generator_protection_relay_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ge:multilin_sr_745_transformer_protection_relay_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ge:multilin_sr_750_feeder_protection_relay_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ge:multilin_sr_760_feeder_protection_relay_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ge:multilin_universal_relay_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ge:multilin_urplus_b95_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ge:multilin_urplus_c90_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:ge:multilin_urplus_d90_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005682"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Charalambos Konstantinou,Anastasis Keliris, Marios Sazos, and Dr. Michail (Mihalis) Maniatakos.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-173"
}
],
"trust": 0.6
},
"cve": "CVE-2017-7905",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-7905",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-05694",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-07261",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "d9b1473e-6988-4096-86db-42efea36309a",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-116108",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-7905",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7905",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-7905",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-05694",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-07261",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-173",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "d9b1473e-6988-4096-86db-42efea36309a",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-116108",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c"
},
{
"db": "IVD",
"id": "d9b1473e-6988-4096-86db-42efea36309a"
},
{
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"db": "VULHUB",
"id": "VHN-116108"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-173"
},
{
"db": "NVD",
"id": "CVE-2017-7905"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands. plural General Electric (GE) The product contains cryptographic vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The GE Multilin SR Relay Protector has an unauthorized access vulnerability that allows an attacker to gain access to a user password from a front panel or Modbus command and gain unauthorized access to GE MultilinSR Series Relay Protector products. GE 750 Feeder Protection Relay and others are relay products of General Electric (GE) of the United States. Security vulnerabilities exist in several GE products due to weak passwords used by programs. An attacker could exploit this vulnerability to gain access to the system",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7905"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"db": "BID",
"id": "98063"
},
{
"db": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c"
},
{
"db": "IVD",
"id": "d9b1473e-6988-4096-86db-42efea36309a"
},
{
"db": "VULHUB",
"id": "VHN-116108"
}
],
"trust": 3.42
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7905",
"trust": 4.4
},
{
"db": "BID",
"id": "98063",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-117-01A",
"trust": 2.3
},
{
"db": "CNNVD",
"id": "CNNVD-201705-173",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-117-01",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-05694",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-07261",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-117-01B",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005682",
"trust": 0.8
},
{
"db": "IVD",
"id": "5DD457B7-DA91-43E9-BBCF-14025AD4CF1C",
"trust": 0.2
},
{
"db": "IVD",
"id": "D9B1473E-6988-4096-86DB-42EFEA36309A",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-116108",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c"
},
{
"db": "IVD",
"id": "d9b1473e-6988-4096-86db-42efea36309a"
},
{
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"db": "VULHUB",
"id": "VHN-116108"
},
{
"db": "BID",
"id": "98063"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-173"
},
{
"db": "NVD",
"id": "CVE-2017-7905"
}
]
},
"id": "VAR-201706-0659",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c"
},
{
"db": "IVD",
"id": "d9b1473e-6988-4096-86db-42efea36309a"
},
{
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"db": "VULHUB",
"id": "VHN-116108"
}
],
"trust": 2.5333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c"
},
{
"db": "IVD",
"id": "d9b1473e-6988-4096-86db-42efea36309a"
},
{
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"db": "CNVD",
"id": "CNVD-2017-07261"
}
]
},
"last_update_date": "2024-11-23T22:01:04.439000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.gegridsolutions.com/index.htm"
},
{
"title": "GE Multilin SR Relay Protector Unauthorized Access Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/92971"
},
{
"title": "Patches for multiple GE product weak password vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/94150"
},
{
"title": "Multiple GE Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=69825"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-173"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-326",
"trust": 1.1
},
{
"problemtype": "CWE-330",
"trust": 1.1
},
{
"problemtype": "CWE-522",
"trust": 1.1
},
{
"problemtype": "CWE-261",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116108"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"db": "NVD",
"id": "CVE-2017-7905"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/98063"
},
{
"trust": 2.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-117-01a"
},
{
"trust": 0.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-117-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7905"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-117-01b"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7905"
},
{
"trust": 0.3,
"url": "https://www.gegridsolutions.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"db": "VULHUB",
"id": "VHN-116108"
},
{
"db": "BID",
"id": "98063"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-173"
},
{
"db": "NVD",
"id": "CVE-2017-7905"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c"
},
{
"db": "IVD",
"id": "d9b1473e-6988-4096-86db-42efea36309a"
},
{
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"db": "VULHUB",
"id": "VHN-116108"
},
{
"db": "BID",
"id": "98063"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-173"
},
{
"db": "NVD",
"id": "CVE-2017-7905"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-01T00:00:00",
"db": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c"
},
{
"date": "2017-05-23T00:00:00",
"db": "IVD",
"id": "d9b1473e-6988-4096-86db-42efea36309a"
},
{
"date": "2017-05-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"date": "2017-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"date": "2017-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-116108"
},
{
"date": "2017-04-27T00:00:00",
"db": "BID",
"id": "98063"
},
{
"date": "2017-08-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"date": "2017-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-173"
},
{
"date": "2017-06-30T03:29:00.890000",
"db": "NVD",
"id": "CVE-2017-7905"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05694"
},
{
"date": "2017-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-07261"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-116108"
},
{
"date": "2017-05-02T00:11:00",
"db": "BID",
"id": "98063"
},
{
"date": "2017-08-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005682"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-173"
},
{
"date": "2024-11-21T03:32:56.070000",
"db": "NVD",
"id": "CVE-2017-7905"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-173"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GE Multilin SR Relay Protector Unauthorized Access Vulnerability",
"sources": [
{
"db": "IVD",
"id": "5dd457b7-da91-43e9-bbcf-14025ad4cf1c"
},
{
"db": "CNVD",
"id": "CNVD-2017-05694"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-173"
}
],
"trust": 0.6
}
}
cnvd-2017-07261
Vulnerability from cnvd
Title
多款GE产品弱密码漏洞
Description
GE 750 Feeder Protection Relay等都是美国通用电气(GE)公司的继电器产品。
多款GE产品中存在安全漏洞,由于程序使用弱密码。攻击者可利用该漏洞获取系统的访问权限。
Severity
高
VLAI Severity ?
Patch Name
多款GE产品弱密码漏洞的补丁
Patch Description
GE 750 Feeder Protection Relay等都是美国通用电气(GE)公司的继电器产品。
多款GE产品中存在安全漏洞,由于程序使用弱密码。攻击者可利用该漏洞获取系统的访问权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复此安全问题,详情请关注厂商主页: https://www.gegridsolutions.com/
Reference
http://www.securityfocus.com/bid/98063
https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A
Impacted products
| Name | ['GE 750 Feeder Protection Relay', 'GE 760 Feeder Protection Relay', 'GE 745 Transformer Protection Relay', 'GE 489 Generator Protection Relay', 'GE 469 Motor Protection Relay', 'GE 369 Motor Protection Relay'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "98063"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-7905",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7905"
}
},
"description": "GE 750 Feeder Protection Relay\u7b49\u90fd\u662f\u7f8e\u56fd\u901a\u7528\u7535\u6c14\uff08GE\uff09\u516c\u53f8\u7684\u7ee7\u7535\u5668\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eGE\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u5f31\u5bc6\u7801\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7cfb\u7edf\u7684\u8bbf\u95ee\u6743\u9650\u3002",
"discovererName": "Anastasis Keliris, Charalambos Konstantinou, Marios Sazos, and Dr. Michail (Mihalis) Maniatakos.",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.gegridsolutions.com/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-07261",
"openTime": "2017-05-23",
"patchDescription": "GE 750 Feeder Protection Relay\u7b49\u90fd\u662f\u7f8e\u56fd\u901a\u7528\u7535\u6c14\uff08GE\uff09\u516c\u53f8\u7684\u7ee7\u7535\u5668\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eGE\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u5f31\u5bc6\u7801\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7cfb\u7edf\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eGE\u4ea7\u54c1\u5f31\u5bc6\u7801\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"GE 750 Feeder Protection Relay",
"GE 760 Feeder Protection Relay",
"GE 745 Transformer Protection Relay",
"GE 489 Generator Protection Relay",
"GE 469 Motor Protection Relay",
"GE 369 Motor Protection Relay"
]
},
"referenceLink": "http://www.securityfocus.com/bid/98063\r\nhttps://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A",
"serverity": "\u9ad8",
"submitTime": "2017-05-05",
"title": "\u591a\u6b3eGE\u4ea7\u54c1\u5f31\u5bc6\u7801\u6f0f\u6d1e"
}
ghsa-j9fv-w27p-6g89
Vulnerability from github
Published
2022-05-13 01:36
Modified
2022-05-13 01:36
Severity ?
VLAI Severity ?
Details
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.
{
"affected": [],
"aliases": [
"CVE-2017-7905"
],
"database_specific": {
"cwe_ids": [
"CWE-261",
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-30T03:29:00Z",
"severity": "CRITICAL"
},
"details": "A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.",
"id": "GHSA-j9fv-w27p-6g89",
"modified": "2022-05-13T01:36:16Z",
"published": "2022-05-13T01:36:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7905"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98063"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2017-7905
Vulnerability from fkie_nvd
Published
2017-06-30 03:29
Modified
2025-04-20 01:37
Severity ?
Summary
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/98063 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98063 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A | Patch, Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_sr_750_feeder_protection_relay_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CDB455-F6F8-4976-95D2-88D21720DE88",
"versionEndIncluding": "5.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_sr_750_feeder_protection_relay:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E636C33-148B-4C26-96B3-CA0D1575C26D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_sr_760_feeder_protection_relay_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE8714B-96AC-4A85-ADCC-D00F54803596",
"versionEndIncluding": "5.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_sr_760_feeder_protection_relay:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22504FF2-C1B7-406C-B253-ED7982A624D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_sr_469_motor_protection_relay_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9928DE28-CE5A-4AC2-A956-D128764720BA",
"versionEndIncluding": "2.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_sr_469_motor_protection_relay:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6A23088-B5C4-4B0A-9E92-12946555C8A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_sr_489_generator_protection_relay_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8766AA67-18A8-4440-BED6-E6BBDF3EF78D",
"versionEndIncluding": "1.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_sr_489_generator_protection_relay:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E899C89E-89EE-4FC1-809D-E6DB04989B28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_sr_745_transformer_protection_relay_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F032369D-581E-4FCA-85CA-B932CB1E821D",
"versionEndIncluding": "2.85",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_sr_745_transformer_protection_relay:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA36A160-426F-4911-9CF3-28E496AEDDB7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_sr_369_motor_protection_relay_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F15979-2C0D-4DD6-BA35-C5300EEF752D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_sr_369_motor_protection_relay:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA749D2-FCF4-4936-84AA-EF317BB6DEEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_universal_relay_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C329C25F-D48E-4B39-8FDB-88CE14E1D285",
"versionEndIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_universal_relay:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84392E96-D1C4-438C-ABA9-DE1384623D5A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_urplus_d90_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F9ACC9-EDE7-42E8-AF34-057EA862147D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_urplus_d90:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C697E8E-28F2-43F9-9B7D-0BF939B2F220",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_urplus_c90_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBEF4ACF-7851-4EA2-B6E8-D60DB0BC660B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_urplus_c90:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E16FE6EA-BB44-4B73-BFA5-30E1ADF5D522",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:multilin_urplus_b95_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D188B6-4ADD-4FA6-9FF4-35B813911398",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:multilin_urplus_b95:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93C57507-A23D-4DF7-9D9B-3531F2235132",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. Ciphertext versions of user passwords were created with a non-random initialization vector leaving them susceptible to dictionary attacks. Ciphertext of user passwords can be obtained from the front LCD panel of affected products and through issued Modbus commands."
},
{
"lang": "es",
"value": "Se ha descubierto un problema de criptograf\u00eda d\u00e9bil para contrase\u00f1as en General Electric (GE) Multilin SR 750 Feeder Protection Relay con versiones de firmware anteriores a la versi\u00f3n 7.47."
}
],
"id": "CVE-2017-7905",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-30T03:29:00.890",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98063"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-261"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-326"
},
{
"lang": "en",
"value": "CWE-330"
},
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…