本ページは ge ge_communicator に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2019-6566 | GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to the system. | [email protected] | 7.8 | 0.34% | 2019-05-09 | 2026-06-16 |
| CVE-2019-6564 | GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade. | [email protected] | 7.8 | 0.42% | 2019-05-09 | 2026-06-16 |
| CVE-2019-6548 | GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user. | [email protected] | 9.8 | 1.28% | 2019-05-09 | 2026-06-16 |
| CVE-2019-6546 | GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements. | [email protected] | 7.8 | 0.83% | 2019-05-09 | 2026-06-16 |
| CVE-2019-6544 | GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to attackers if Windows default firewall settings are used by the end user. | [email protected] | 5.6 | 1.18% | 2019-05-09 | 2026-06-16 |
| CVE-2017-7908 | A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls. | [email protected] | 7.6 | 0.99% | 2018-10-02 | 2026-06-16 |