CVE-2022-24118

Name of the Vulnerable Software and Affected Versions General Electric Renewable Energy iNET versions prior to 8.3.0 General Electric Renewable Energy iNET II versions prior to 8.3.0 General Electric Renewable Energy SD versions prior to 6.4.7 General Electric Renewable Energy TD220X versions prior to 2.0.16 General Electric Renewable Energy TD220MAX versions prior to 1.2.6

Description The issue is related to an uncontrolled resource consumption in the firmware of General Electric Renewable Energy industrial control equipment. Exploitation of this issue may allow an attacker to cause a denial of service. Certain General Electric Renewable Energy products are affected, allowing attackers to use a code to trigger a reboot into the factory default configuration.

Recommendations For iNET and iNET II versions prior to 8.3.0, update to version 8.3.0 or later. For SD versions prior to 6.4.7, update to version 6.4.7 or later. For TD220X versions prior to 2.0.16, update to version 2.0.16 or later. For TD220MAX versions prior to 1.2.6, update to version 1.2.6 or later.