GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and Multilink ML810, ML3000, and ML3100 switches with firmware 5.2.0 and earlier allow remote attackers to cause a denial of service (resource consumption or reboot) via crafted packets.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5418
Reference (s):
- http://www.gedigitalenergy.com/products/support/multilink/MLSB1214.pdf
- https://ics-cert.us-cert.gov/advisories/ICSA-15-013-04