RSS   Vulnerabilities for 'Communicator'   RSS

2019-05-09
 
CVE-2019-6566

CWE-284
 

 
GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to the system.

 
 
CVE-2019-6564

CWE-427
 

 
GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade.

 
 
CVE-2019-6548

CWE-798
 

 
GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.

 
 
CVE-2019-6546

CWE-427
 

 
GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements.

 
 
CVE-2019-6544

CWE-284
 

 
GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.

 
2018-10-02
 
CVE-2017-7908

CWE-119
 

 
A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls.

 

 >>> Vendor: GE 77 Products
Intelligent platforms proficy historian
Intelligent platforms proficy plant applications
Intelligent platforms proficy real-time information porta
Intelligent platforms proficy hmi%2Fscada ifix
Intelligent platforms proficy batch execution
Intelligent platforms si7 i%2Fo driver
Intelligent platforms proficy pulse
Intelligent platforms proficy hmi/scada ifix
Intelligent platforms si7 i/o driver
Intelligent platforms proficy real-time information portal
Intelligent platforms proficy hmi/scada cimplicity
Intelligent platforms proficy process systems with cimplicity
Intelligent platforms proficy process systems
Intelligent platforms proficy dnp3 i/o driver
Intelligent platforms proficy hmi%2fscada cimplicity
Multilink ml1200
Multilink ml1600
Multilink ml2400
Multilink ml3000
Multilink ml3100
Multilink ml800
Multilink ml810
Multilink ml1200 firmware
Multilink ml1600 firmware
Multilink ml2400 firmware
Multilink ml3000 firmware
Multilink ml3100 firmware
Multilink ml800 firmware
Multilink ml810 firmware
12400 level transmitter device type manager
Svi ii ap positioner device type manager
Vector device type manager
Hydran m2
Healtcare millennium mg firmware
Healtcare millennium myosight firmware
Healtcare millennium nc firmware
Healthcare millennium mg firmware
Healthcare millennium myosight firmware
Healthcare millennium nc firmware
Mds pulsenet
Ups snmp web adapter firmware
Snmp web adapter firmware
Multilink firmware
Bently nevada 3500/22m serial firmware
Bently nevada 3500/22m usb firmware
Multilin sr 489 generator protection relay firmware
Multilin urplus c90 firmware
Multilin urplus d90 firmware
Multilin sr 745 transformer protection relay firmware
Multilin sr 760 feeder protection relay firmware
Multilin universal relay firmware
Multilin sr 369 motor protection relay firmware
Multilin urplus b95 firmware
Multilin sr 750 feeder protection relay firmware
Multilin sr 469 motor protection relay firmware
D60 line distance relay firmware
Gemnet license server
Xeleris
Infinia hawkeye 4 firmware
Centricity pacs ra1000
Pacsystems cpu320 firmware
Pacsystems cru320 firmware
Pacsystems rsti-ep cpe 100 firmware
Pacsystems rx3i cpe305 firmware
Pacsystems rx3i cpe310 firmware
Pacsystems rxi firmware
Rx3i cpe330 firmware
Rx3i cpe 400 firmware
Snmp/web adapter firmware
Communicator
Cimplicity
Ge communicator
Aespire 7100 firmware
Aespire 7900 firmware
Aestiva 7100 firmware
Aestiva 7900 firmware
IFIX


Copyright 2019, cxsecurity.com

 

Back to Top