CVE-2018-5473

CRITICAL

GE D60 Line Distance Relay <7.11 - Buffer Overflow

Title source: llm
STIX 2.1

Description

An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-046-02
Broken Link vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/103054

Scores

CVSS v3 9.8
EPSS 0.0593
EPSS Percentile 92.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
ge/d60_line_distance_relay_firmware < 7.11
Published Feb 19, 2018
Tracked Since Feb 18, 2026