322 matches found
CVE-2019-6564
GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade...
CVE-2019-6546
GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...
CVE-2019-6544
GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to...
CVE-2019-6546
GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...
CVE-2019-6544
GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to...
Design/Logic Flaw
GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to the system...
Arbitrary file deletion
GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade...
Code injection
GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...
CVE-2019-6566
CVE-2019-6566 affects GE GE Communicator prior to 4.0.517. A non-administrative user can replace the uninstaller with a malicious version, potentially granting administrator privileges. Affected components include Communicator Installer, Communicator Application, Communicator PostgreSQL, Communic...
CVE-2019-6566
GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to the system...
CVE-2019-6544
GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to...
CVE-2019-6544
CVE-2019-6544 affects GE Communicator before 4.0.517. A service runs with SYSTEM privileges, enabling an unprivileged user to perform certain administrative actions and potentially execute scheduled scripts with SYSTEM privileges. Impact and exploitability are context-dependent: some advisories i...
CVE-2019-6548
GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user...
CVE-2019-6548
GE Communicator is affected by CVE-2019-6548: all versions before 4.0.517 contain two backdoor accounts with hardcoded credentials that could allow control over the database. Impact is stated as high (C/H/I/H/A/H) with potential remote exploitation per public advisories. The remediation is to upg...
CVE-2019-6546
GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...
CVE-2019-6546
CVE-2019-6546 affects GE Communicator prior to 4.0.517. The issue allows placing malicious files in the program’s working directory, potentially enabling manipulation of widgets/UI elements. Affected component/behavior is described in multiple sources (NVD and ICS advisories). Remediation per PT ...
CVE-2019-6564
GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade...
CVE-2019-6564
GE Communicator (before 4.0.517) is affected by CVE-2019-6564 in which a non-administrative user can place malicious files in the installer directory, potentially gaining administrative privileges during installation or upgrade. Affected components include the Communicator Installer, Application,...
PT-2019-18160 · Ge · Ge Communicator
Name of the Vulnerable Software and Affected Versions: GE Communicator versions prior to 4.0.517 Description: The issue concerns the presence of two backdoor accounts with hardcoded credentials in the software, potentially allowing control over the database. However, if the default Windows firewa...
PT-2019-18158 · Ge · Ge Communicator
Name of the Vulnerable Software and Affected Versions: GE Communicator versions prior to 4.0.517 Description: The issue allows an attacker to place malicious files within the working directory of the program, potentially enabling the manipulation of widgets and UI elements. Recommendations: For...