-
GE Vernova Inc. expands CVE Numbering Authority (CNA) status to all business segments
-
Expansion allows CVE ID assignments to cybersecurity vulnerabilities, publishing CVE Records, and streamlining vulnerability reporting across its portfolio.
CAMBRIDGE, Mass. (February 21, 2024) – GE Vernova Inc. (NYSE: GEV) announced today that it has been authorized by the Common Vulnerability and Exposures Program as a CVE Numbering Authority (CNA). CNAs are organizations responsible for assigning CVE IDs to cybersecurity vulnerabilities potentially related to its products and for creating and publishing information about these vulnerabilities in the associated CVE Record. Each CNA has a specific scope of responsibility for identifying and publishing details about vulnerabilities.
This authorization extends the CNA status previously held by GE Gas Power to now include all GE Vernova businesses, encompassing our Power, Wind, and Electrification segments. As a CNA, GE Vernova can assign CVE identification numbers to newly discovered vulnerabilities potentially related to its products, allowing GE Vernova to directly publish new CVE Records and streamline the reporting process. GE Vernova will maintain all previously assigned CVEs created by GE Gas Power, ensuring continuity and consistency in vulnerability reporting.
"This expanded authorization reaffirms our unwavering commitment to maintaining a security culture across all our businesses," said Ronald Wiederhold, GE Vernova Vice President of Product Cybersecurity. "By identifying and mitigating cybersecurity vulnerabilities, we support our customers and partners, enabling them to operate their energy infrastructure with confidence in GE Vernova and our portfolio of products and services."
###
About the CVE Program
The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.
The CVE Program is sponsored by the Cybersecurity and Infrastructure Security Agency (CISA), of the U.S. Department of Homeland Security (DHS) and is operated by the MITRE Corporation in close collaboration with international industry, academic, and government stakeholders.
end
About GE Vernova
GE Vernova Inc. (NYSE: GEV) is a purpose-built global energy company that includes Power, Wind, and Electrification segments and is supported by its accelerator businesses. Building on over 130 years of experience tackling the world’s challenges, GE Vernova is uniquely positioned to help lead the energy transition by continuing to electrify the world while simultaneously working to decarbonize it. GE Vernova helps customers power economies and deliver electricity that is vital to health, safety, security, and improved quality of life. GE Vernova is headquartered in Cambridge, Massachusetts, U.S., with approximately 75,000 employees across 100+ countries around the world. Supported by the Company’s purpose, The Energy to Change the World, GE Vernova technology helps deliver a more affordable, reliable, sustainable, and secure energy future.
Learn more: GE Vernova and LinkedIn
GE Vernova’s mission is embedded in its name – it retains its legacy, “GE,” as an enduring and hard-earned badge of quality and ingenuity. “Ver” / “verde” signal Earth’s verdant and lush ecosystems. “Nova,” from the Latin “novus,” nods to a new, innovative era of lower carbon energy.
© 2025 GE Vernova. All rights reserved. GE Vernova reserves the right to vary its findings and conclusions should any information or technical knowledge come to GE Vernova after the date of this document. This Security Advisory does not vary any contractual relationship between GE Vernova and its customer. NO REPRESENTATION OR WARRANTY IS MADE OR IMPLIED AS TO ITS COMPLETENESS, ACCURACY, OR FITNESS FOR ANY PARTICULAR PURPOSE.