PT-2019-18156 · GE · GE Communicator
Reid Wightman · Published 2019-05-09 · Updated 2020-10-16 · CVE-2019-6544
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
GE Communicator versions prior to 4.0.517
Description
A service running with system privileges allows an unprivileged user to perform certain administrative actions, potentially enabling the execution of scheduled scripts with system administrator privileges. However, the service is inaccessible to attackers if Windows default firewall settings are used.
Recommendations
For GE Communicator versions prior to 4.0.517, update to version 4.0.517 or later to resolve the issue. As a temporary workaround, consider using Windows default firewall settings to restrict access to the vulnerable service.
Fix
Improper Access Control
Weakness Enumeration
Related Identifiers
Affected Products
GE Communicator
Windows