GE Energy D20/D200 Substation Controller Code Execution and Information Disclosure Vulnerabilities
BID:51578
Info
GE Energy D20/D200 Substation Controller Code Execution and Information Disclosure Vulnerabilities
| Bugtraq ID: | 51578 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 20 2012 12:00AM |
| Updated: | Jan 20 2012 12:00AM |
| Credit: | Reid Wightman |
| Vulnerable: |
General Electric D20/D200 Substation Controller 0 |
| Not Vulnerable: | |
Discussion
GE Energy D20/D200 Substation Controller Code Execution and Information Disclosure Vulnerabilities
D20/D200 Substation Controller is prone to multiple security vulnerabilities, including an arbitrary code-execution issue and an information-disclosure issue.
Successful exploits of these issues may allow an attacker to execute arbitrary code or obtain potentially sensitive information.
D20/D200 Substation Controller is prone to multiple security vulnerabilities, including an arbitrary code-execution issue and an information-disclosure issue.
Successful exploits of these issues may allow an attacker to execute arbitrary code or obtain potentially sensitive information.
Exploit / POC
GE Energy D20/D200 Substation Controller Code Execution and Information Disclosure Vulnerabilities
Reportedly, multiple proofs of concept are available. Please see the references for more information.
Reportedly, multiple proofs of concept are available. Please see the references for more information.
Solution / Fix
GE Energy D20/D200 Substation Controller Code Execution and Information Disclosure Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
GE Energy D20/D200 Substation Controller Code Execution and Information Disclosure Vulnerabilities
References:
References:
- D20/D200 Substation Controller Homepage (General Electric)
- ICS-ALERT-12-019-01�??GE D20ME PLC MULT I PLE VULNERABILITIES (ICS-CERT)