CVE-2014-9194

Name of the Vulnerable Software and Affected Versions Arbiter 1094B GPS Substation Clock (affected versions not specified) KW Multiprog and KW ProConOS (affected versions not specified)

Description The issue allows remote attackers to cause disruption or execute arbitrary commands. For the Arbiter 1094B GPS Substation Clock, this can be achieved via crafted radio transmissions that spoof GPS satellite broadcasts. In the case of KW Multiprog and KW ProConOS, the vulnerability is related to errors in managing registration data, which can be exploited using the PLC configuration protocol.

Recommendations For Arbiter 1094B GPS Substation Clock, consider implementing signal validation to prevent spoofed GPS transmissions until a patch is available. For KW Multiprog and KW ProConOS, restrict access to the configuration protocol to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.