Ge Multilin C70 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Ge Multilin C70 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-27426 — CVSS 9.8 (critical): GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,”…
CVE-2021-27428 — CVSS 9.8 (critical): GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup…
CVE-2021-27422 — CVSS 7.5 (high): GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information…
CVE-2021-27418 — CVSS 5.3 (medium): GE UR firmware versions prior to version 8.1x supports web interface with read-only access. The device fails to properly validate user…
CVE-2021-27420 — CVSS 5.3 (medium): GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of unsupported HTTP verbs, resulting in the…
CVE-2021-27424 — CVSS 5.3 (medium): GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the communications guide. GE was made aware a “Last-key…