You are here

GE PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, Rxi (ICSA-18-137-01)

GE PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, Rxi (ICSA-18-137-01)

Created: Monday, May 21, 2018 - 12:48
Categories:
Cybersecurity

The NCCIC has released an advisory on an improper input validation vulnerability in GE PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, Rxi. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could cause the device to reboot and change its state, causing the device to become unavailable. GE has released the following firmware to mitigate the vulnerability. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. NCCIC/ICS-CERT.