CVE-2014-9201

Beckwith Electric <D-0346V03.00.02 - Info Disclosure

Title source: llm
STIX 2.1

Description

Beckwith Electric M-6200 Digital Voltage Regulator Control with firmware before D-0198V04.07.00, M-6200A Digital Voltage Regulator Control with firmware before D-0228V02.01.07, M-2001D Digital Tapchanger Control with firmware before D-0214V01.10.04, M-6283A Three Phase Digital Capacitor Bank Control with firmware before D-0346V03.00.02, M-6280A Digital Capacitor Bank Control with firmware before D-0254V03.05.05, and M-6280 Digital Capacitor Bank Control do not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-153-01

Scores

EPSS 0.0156
EPSS Percentile 72.3%

Details

CWE
CWE-20
Status published
Products (12)
beckwithelectric/m-2001d_digital_tapchanger_control
beckwithelectric/m-2001d_digital_tapchanger_control_d-0214_firmware < 01.10.04
beckwithelectric/m-6200_digital_voltage_regulator_control
beckwithelectric/m-6200_digital_voltage_regulator_control_d-0198_firmware < 04.07.00
beckwithelectric/m-6200a_digital_voltage_regulator_control
beckwithelectric/m-6200a_digital_voltage_regulator_control_d-0228_firmware < 02.01.07
beckwithelectric/m-6280_digital_capacitor_bank_control
beckwithelectric/m-6280_digital_capacitor_bank_control_firmware
beckwithelectric/m-6280a_digital_capacitor_bank_control
beckwithelectric/m-6280a_digital_capacitor_bank_control_d-0254_firmware < 03.05.05
... and 2 more
Published Jun 05, 2015
Tracked Since Feb 18, 2026