What is CVE-2014-9196?

CVE-2014-9196 is a vulnerability in Eaton Proview, classified under CWE-342. Published 2015-07-20.

Is CVE-2014-9196 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Eaton Proview

CVE-2014-9196

Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by p…

EPSS: 0.024 (85.5th percentile) — read the EPSS interpretation.

Affected products

Eaton Proview — versions 4.0, 5.0, 5.0.1
Eaton’s Cooper Power Systems Idea/ideaplus Relays — versions Pro View 4.0
Eaton’s Cooper Power Systems Series Form 6 — versions Pro View 4.0

Weakness classification (CWE)

Public proof-of-concept exploits

References

75936 (vdb-entry, x_refsource_BID)
ics-cert@hq.dhs.gov
ics-cert@hq.dhs.gov
af854a3a-2127-422b-91ae-364da2661108 (Third Party Advisory, US Government Resource)

Frequently asked questions

What is CVE-2014-9196?: CVE-2014-9196 is a vulnerability in Eaton Proview, classified under CWE-342. Published 2015-07-20.
Is CVE-2014-9196 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.