GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade.
2019-05-09T15:29:05.123
2024-11-21T04:46:42.280
Modified
CVSSv3.1: 7.8 (HIGH)
AV:L/AC:M/Au:N/C:C/I:C/A:C
3.4
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | ge | ge_communicator | < 4.0.517 | Yes |