Browse all 4 CVE security advisories affecting GE Gas Power. AI-powered Chinese analysis, POCs, and references for each vulnerability.
GE Gas Power designs and operates gas turbines and power generation systems for utilities and industries. Historically, their systems have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from web interfaces and network services. While no major public incidents have been widely reported, the presence of four CVEs indicates potential security concerns in their connected infrastructure. Their industrial control systems, while critical to energy infrastructure, may present attack surfaces that require continuous monitoring and patch management to prevent exploitation by threat actors targeting energy sector assets.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-1552 | ToolboxST Deserialization of Untrusted Configuration Data — ToolboxST | 6.4 | Medium | 2023-04-11 |
| CVE-2022-37952 | WorkstationST - Reflected XSS in iHistorian Data Display Tags — WorkstationSTCWE-79 | 4.7 | Medium | 2022-08-25 |
| CVE-2022-37953 | WorkstationST - Response Splitting in AM Gateway Challenge-Response — WorkstationSTCWE-113 | 4.7 | Medium | 2022-08-25 |
| CVE-2021-44477 | GE Gas Power ToolBoxST Improper Restriction of XML External Entity Reference — ToolBoxSTCWE-611 | 7.5 | High | 2022-03-25 |
This page lists every published CVE security advisory associated with GE Gas Power. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.