Unrated severityNVD Advisory· Published Mar 14, 2015· Updated May 6, 2026

CVE-2014-5409

Description

The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values.

Affected products

Ge/Hydran M2
cpe:2.3:h:ge:hydran_m2:*:*:*:*:*:*:*:*
GE/Hydran M2, containing the 17046 Ethernet optionv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ics-cert.us-cert.gov/advisories/ICSA-15-041-02nvdThird Party AdvisoryUS Government Resource
libraries.ge.com/downloadnvd
github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-041-02.jsonnvd
www.cisa.gov/news-events/ics-advisories/icsa-15-041-02nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000