Lucene search
K

322 matches found

OSV
OSV
added 2019/05/09 3:29 p.m.4 views

CVE-2019-6564

GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade...

7.8CVSS7.1AI score0.00418EPSS
Exploits0References1
OSV
OSV
added 2019/05/09 3:29 p.m.4 views

CVE-2019-6546

GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...

7.8CVSS7.1AI score0.00835EPSS
Exploits0References1
NVD
NVD
added 2019/05/09 3:29 p.m.16 views

CVE-2019-6544

GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to...

6.8CVSS6.6AI score0.01176EPSS
Exploits0References1
NVD
NVD
added 2019/05/09 3:29 p.m.15 views

CVE-2019-6546

GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...

7.8CVSS8.2AI score0.00835EPSS
Exploits0References1
OSV
OSV
added 2019/05/09 3:29 p.m.4 views

CVE-2019-6544

GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to...

5.6CVSS6.3AI score0.01176EPSS
Exploits0References1
Prion
Prion
added 2019/05/09 3:29 p.m.14 views

Design/Logic Flaw

GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to the system...

7.2CVSS8.2AI score0.00342EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/05/09 3:29 p.m.14 views

Arbitrary file deletion

GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade...

6.9CVSS8.3AI score0.00418EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/05/09 3:29 p.m.19 views

Code injection

GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...

6.8CVSS8.1AI score0.00835EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/05/09 2:51 p.m.47 views

CVE-2019-6566

CVE-2019-6566 affects GE GE Communicator prior to 4.0.517. A non-administrative user can replace the uninstaller with a malicious version, potentially granting administrator privileges. Affected components include Communicator Installer, Communicator Application, Communicator PostgreSQL, Communic...

7.8CVSS7.6AI score0.00342EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/05/09 2:51 p.m.15 views

CVE-2019-6566

GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to the system...

7.7AI score0.00342EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/05/09 2:51 p.m.19 views

CVE-2019-6544

GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to...

5.6AI score0.01176EPSS
Exploits0References1
CVE
CVE
added 2019/05/09 2:51 p.m.47 views

CVE-2019-6544

CVE-2019-6544 affects GE Communicator before 4.0.517. A service runs with SYSTEM privileges, enabling an unprivileged user to perform certain administrative actions and potentially execute scheduled scripts with SYSTEM privileges. Impact and exploitability are context-dependent: some advisories i...

6.8CVSS5.6AI score0.01176EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/05/09 2:28 p.m.18 views

CVE-2019-6548

GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user...

9.4AI score0.01277EPSS
Exploits0References1
CVE
CVE
added 2019/05/09 2:28 p.m.53 views

CVE-2019-6548

GE Communicator is affected by CVE-2019-6548: all versions before 4.0.517 contain two backdoor accounts with hardcoded credentials that could allow control over the database. Impact is stated as high (C/H/I/H/A/H) with potential remote exploitation per public advisories. The remediation is to upg...

9.8CVSS9.2AI score0.01277EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/05/09 2:27 p.m.18 views

CVE-2019-6546

GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...

7.6AI score0.00835EPSS
Exploits0References1
CVE
CVE
added 2019/05/09 2:27 p.m.46 views

CVE-2019-6546

CVE-2019-6546 affects GE Communicator prior to 4.0.517. The issue allows placing malicious files in the program’s working directory, potentially enabling manipulation of widgets/UI elements. Affected component/behavior is described in multiple sources (NVD and ICS advisories). Remediation per PT ...

7.8CVSS7.5AI score0.00835EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/05/09 2:27 p.m.29 views

CVE-2019-6564

GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade...

7.8AI score0.00418EPSS
Exploits0References1
CVE
CVE
added 2019/05/09 2:27 p.m.50 views

CVE-2019-6564

GE Communicator (before 4.0.517) is affected by CVE-2019-6564 in which a non-administrative user can place malicious files in the installer directory, potentially gaining administrative privileges during installation or upgrade. Affected components include the Communicator Installer, Application,...

7.8CVSS7.7AI score0.00418EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/05/09 12:0 a.m.7 views

PT-2019-18160 · Ge · Ge Communicator

Name of the Vulnerable Software and Affected Versions: GE Communicator versions prior to 4.0.517 Description: The issue concerns the presence of two backdoor accounts with hardcoded credentials in the software, potentially allowing control over the database. However, if the default Windows firewa...

9.8CVSS9.4AI score0.01277EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/05/09 12:0 a.m.5 views

PT-2019-18158 · Ge · Ge Communicator

Name of the Vulnerable Software and Affected Versions: GE Communicator versions prior to 4.0.517 Description: The issue allows an attacker to place malicious files within the working directory of the program, potentially enabling the manipulation of widgets and UI elements. Recommendations: For...

7.8CVSS7.6AI score0.00835EPSS
Exploits0References3
Rows per page
Query Builder