PT-2018-1170 · Ge · Ge D60 Line Distance Relay

Kirill Nesterov

Published

2018-02-15

Updated

2022-04-19

CVE-2018-5473

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions GE D60 Line Distance Relay versions prior to 7.11

Description An issue with improper restriction of operations within the bounds of a memory buffer was found. The SSH functions are vulnerable to buffer overflow conditions, potentially allowing a remote attacker to execute arbitrary code on the device.

Recommendations For GE D60 Line Distance Relay versions prior to 7.11, consider disabling SSH functions as a temporary workaround until a patch is available. Restrict access to the device to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2018-00619

CVE-2018-5473

Affected Products

Ge D60 Line Distance Relay

PT-2018-1170 · Ge · Ge D60 Line Distance Relay

CVE-2018-5473

Weakness Enumeration

Related Identifiers

Affected Products

References · 5