← volver
CVE-2014-9196

Eaton’s Cooper Power Series Form 6 Control and Idea/IdeaPlus Relays with Ethernet

CVSS 7.6 EPSS 2.3%CWE-342
Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
AV:N/AC:H/Au:N/C:C/I:C/A:C
Productos afectados
Eaton’s Cooper Power Systems · Idea/IdeaPLUS relaysEaton’s Cooper Power Systems · Series Form 6

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://ics-cert.us-cert.gov/advisories/ICSA-15-006-01https://www.cisa.gov/news-events/ics-advisories/icsa-15-006-01https://www.eaton.com/cybersecurityhttp://www.securityfocus.com/bid/75936