CVE-2014-9196

EUVD-2014-9021
Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
Affected Products (NVD)
VendorProductVersion
eatonproview
4.0
eatonproview
5.0
eatonproview
5.0.1
eatonproview
5.0.2
eatonproview
5.0.3
eatonproview
5.0.4
eatonproview
5.0.5
eatonproview
5.0.6
eatonproview
5.0.7
eatonproview
5.0.8
eatonproview
5.0.9
eatonproview
5.0.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/75936
https://www.cisa.gov/news-events/ics-advisories/icsa-15-006-01
https://www.eaton.com/cybersecurity
http://www.securityfocus.com/bid/75936
https://ics-cert.us-cert.gov/advisories/ICSA-15-006-01