CVE-2014-5409 (GCVE-0-2014-5409)

Vulnerability from cvelistv5 – Published: 2015-03-14 01:00 – Updated: 2025-11-03 18:58
VLAI?
Summary
The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
GE Hydran M2, containing the 17046 Ethernet option Affected: 0 , < October 2014 (custom)
Create a notification for this product.
Credits
Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:41:49.209Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-041-02"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://libraries.ge.com/download?fileid=642886573101\u0026entity_id=31955841101\u0026sid=101"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Hydran M2, containing the 17046 Ethernet option",
          "vendor": "GE",
          "versions": [
            {
              "lessThan": "October 2014",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech"
        }
      ],
      "datePublic": "2015-03-10T06:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.\u003c/p\u003e"
            }
          ],
          "value": "The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values."
        }
      ],
      "metrics": [
        {
          "cvssV2_0": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-343",
              "description": "CWE-343",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-03T18:58:26.900Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-041-02"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://libraries.ge.com/download?fileid=642886573101\u0026entity_id=31955841101\u0026sid=101"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-041-02.json"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "GE Digital Energy has released a new version of the Ethernet option, \nwhich resolves the identified vulnerability in newly released Hydran M2 \ndevices. The update changes the sequence algorithm, which makes it \nimprobable that a TCP sequence attack could succeed. The version of \nEthernet card that implements this improvement is \n94450214LFMT100SEM-L.R3-CL.\n\n\u003cbr\u003e"
            }
          ],
          "value": "GE Digital Energy has released a new version of the Ethernet option, \nwhich resolves the identified vulnerability in newly released Hydran M2 \ndevices. The update changes the sequence algorithm, which makes it \nimprobable that a TCP sequence attack could succeed. The version of \nEthernet card that implements this improvement is \n94450214LFMT100SEM-L.R3-CL."
        }
      ],
      "source": {
        "advisory": "ICSA-15-041-02",
        "discovery": "EXTERNAL"
      },
      "title": "GE Hydran M2 Predictable Value Range from Previous Values",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThere is no method to update Hydran M2 devices released prior to \nOctober 2014. GE Digital Energy recommends that utilities using older \nversions of the Hydran M2 device implement network security defensive \nmeasures, to include the following:\u003c/p\u003e\n\u003cp\u003e\u2022 \u0026nbsp; \u0026nbsp; Place the Hydran M2 inside the control system network security perimeter with access controls and monitoring.\u003c/p\u003e\n\u003cp\u003e\u2022 \u0026nbsp; \u0026nbsp; Minimize network exposure to all other control system devices. \nControl system devices should not directly face the Internet or business\n networks.\u003c/p\u003e\n\u003cp\u003e\u2022 \u0026nbsp; \u0026nbsp; Locate control system networks and devices behind properly \nconfigured firewalls, and isolate them from the business network.\u003c/p\u003e\n\u003cp\u003e\u2022 \u0026nbsp; \u0026nbsp; When remote access is required, use secure methods, such as \nVirtual Private Networks (VPNs), recognizing that VPNs may have \nvulnerabilities and should be updated to the most current version \navailable. Also recognize that VPN is only as secure as the connected \ndevices.\u003c/p\u003e\n\u003cp\u003eGE Digital Energy\u2019s Product Bulletin is available in at the following location, with a user account:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://libraries.ge.com/download?fileid=642886573101\u0026amp;entity_id=31955841101\u0026amp;sid=101\"\u003ehttp://libraries.ge.com/download?fileid=642886573101\u0026amp;entity_id=31955841101\u0026amp;sid=101\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "There is no method to update Hydran M2 devices released prior to \nOctober 2014. GE Digital Energy recommends that utilities using older \nversions of the Hydran M2 device implement network security defensive \nmeasures, to include the following:\n\n\n\u2022 \u00a0 \u00a0 Place the Hydran M2 inside the control system network security perimeter with access controls and monitoring.\n\n\n\u2022 \u00a0 \u00a0 Minimize network exposure to all other control system devices. \nControl system devices should not directly face the Internet or business\n networks.\n\n\n\u2022 \u00a0 \u00a0 Locate control system networks and devices behind properly \nconfigured firewalls, and isolate them from the business network.\n\n\n\u2022 \u00a0 \u00a0 When remote access is required, use secure methods, such as \nVirtual Private Networks (VPNs), recognizing that VPNs may have \nvulnerabilities and should be updated to the most current version \navailable. Also recognize that VPN is only as secure as the connected \ndevices.\n\n\nGE Digital Energy\u2019s Product Bulletin is available in at the following location, with a user account:\n\n\n http://libraries.ge.com/download?fileid=642886573101\u0026entity_id=31955841101\u0026sid=101"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2014-5409",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-041-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-041-02"
            },
            {
              "name": "http://libraries.ge.com/download?fileid=642886573101\u0026entity_id=31955841101\u0026sid=101",
              "refsource": "MISC",
              "url": "http://libraries.ge.com/download?fileid=642886573101\u0026entity_id=31955841101\u0026sid=101"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2014-5409",
    "datePublished": "2015-03-14T01:00:00",
    "dateReserved": "2014-08-22T00:00:00",
    "dateUpdated": "2025-11-03T18:58:26.900Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:ge:hydran_m2:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B9F1FE4-F235-4238-ABC0-9D31A22255B4\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.\"}, {\"lang\": \"es\", \"value\": \"La tarjeta Ethernet 17046 anterior a 94450214LFMT100SEM-L.R3-CL para el GE Digital Energy Hydran M2 no genera de forma adecuada valores aleatrorios de TCP Initial Sequence Numbers (ISNs), lo que hace m\\u00e1s f\\u00e1cil a atacantes remotos suplantar paquetes mediante la predicci\\u00f3n de dichos valores.\"}]",
      "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/330.html\"\u003eCWE-330: Use of Insufficiently Random Values\u003c/a\u003e",
      "id": "CVE-2014-5409",
      "lastModified": "2024-11-21T02:11:59.727",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-03-14T01:59:00.067",
      "references": "[{\"url\": \"http://libraries.ge.com/download?fileid=642886573101\u0026entity_id=31955841101\u0026sid=101\", \"source\": \"ics-cert@hq.dhs.gov\"}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-15-041-02\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://libraries.ge.com/download?fileid=642886573101\u0026entity_id=31955841101\u0026sid=101\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-15-041-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-5409\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2015-03-14T01:59:00.067\",\"lastModified\":\"2025-11-03T19:15:39.013\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.\"},{\"lang\":\"es\",\"value\":\"La tarjeta Ethernet 17046 anterior a 94450214LFMT100SEM-L.R3-CL para el GE Digital Energy Hydran M2 no genera de forma adecuada valores aleatrorios de TCP Initial Sequence Numbers (ISNs), lo que hace m\u00e1s f\u00e1cil a atacantes remotos suplantar paquetes mediante la predicci\u00f3n de dichos valores.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:P\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-343\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:ge:hydran_m2:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B9F1FE4-F235-4238-ABC0-9D31A22255B4\"}]}]}],\"references\":[{\"url\":\"http://libraries.ge.com/download?fileid=642886573101\u0026entity_id=31955841101\u0026sid=101\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-041-02.json\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-15-041-02\",\"source\":\"ics-cert@hq.dhs.gov\"},{\"url\":\"http://libraries.ge.com/download?fileid=642886573101\u0026entity_id=31955841101\u0026sid=101\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-041-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/330.html\\\"\u003eCWE-330: Use of Insufficiently Random Values\u003c/a\u003e\"}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.