GE MultiLink Series Hard-coded Credential Vulnerability

CVSS 10.0 CRITICAL

CVEs (1)

CVE-2016-2310

GE has released new firmware versions for the MultiLink series managed switches that resolve the identified vulnerability. GE recommends that asset owners install firmware upgrades on affected devices. Firmware Version 5.5.0 resolves the vulnerability for the ML800, ML1200, ML1600, and ML2400. Firmware Version 5.5.0k resolves the vulnerability for the ML810, ML3000, and ML3100.
The new firmware version for the ML800 switch, Version 5.5.0, is available at the following location: (https://www.gegridsolutions.com/app/Resources.aspx?prod=ml800&type=7)
The new firmware version for the ML810 switch, Version 5.5.0k, is available at the following location: (https://www.gegridsolutions.com/app/Resources.aspx?prod=ml810&type=7)
The new firmware version for the ML1200 switch, Version 5.5.0, is available at the following location: (https://www.gegridsolutions.com/app/Resources.aspx?prod=ml1200&type=7)
The new firmware version for the ML1600 switch, Version 5.5.0, is available at the following location: (https://www.gegridsolutions.com/app/Resources.aspx?prod=ml1600&type=7)
The new firmware version for the ML2400 switch, Version 5.5.0, is available at the following location: (https://www.gegridsolutions.com/app/Resources.aspx?prod=ml2400&type=7)
The new firmware version for the ML3000 and ML3100 switches, Version 5.5.0k, is available at the following location: (https://www.gegridsolutions.com/app/Resources.aspx?prod=ml3000&type=7)

GE · GE ML800 Switch <firmware_5.5.0

GE · GE ML810 Switch <firmware_5.5.0k

GE · GE ML1200 Switch <firmware_5.5.0

GE · GE ML1600 Switch <firmware_5.5.0

GE · GE ML2400 Switch <firmware_5.5.0

GE · GE ML3000 Switch <firmware_5.5.0k

GE · GE ML3100 Switch <firmware_5.5.0k

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.