CVE-2019-6564

Summary

GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade.

Affected Software

VendorProductVersion RangeStatus
n/aGE CommunicatorAll versions prior to 4.0.517affected

Weaknesses

  • CWE-427: UNCONTROLLED SEARCH PATH CWE-427

ADP Enrichment

CVE Program Container

Additional References

References