ICS-CERT is warning of five flaws affecting the GE Communicator software, including privilege escalation issues and hardcoded credentials
GE Communicator is a is a user-friendly software for programming and monitoring supported metering devices. The software allows users to program the meters, view real-time metered data, and analyze collected data.
The application is used by organizations worldwide, including electric utilities and large manufacturers.
The flaws could be exploited by an attacker to gain admin rights to a workstation running the GE Communicator software. Experts pointed out that in order to exploit the issues the attackers need either network access to the workstation or local logon access to the workstation with regular user privileges.
“Successful exploitation of these vulnerabilities could allow an attacker to gain administrative privileges, manipulate widgets and UI elements, gain control over the database, or execute administrative commands.” reads the advisory published by the ICS-CERT.
The most severe flaw, tracked as CVE-2019-6548, is related to the use of hard-coded credentials CWE-798 (CVSS v3 base score of 8.1).
“Two backdoor accounts with hardcoded credentials exist, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.” reads the advisory. “CVE-2019-6548 has been assigned to this vulnerability.”
ICS-CERT also report two uncontrolled search path vulnerabilities:
The remaining issues are improper access controls cwe-284 flaws tracked as CVE-2019-6544 and CVE-2019-6566.
The following Communicator components, all versions prior to 4.0.517, are affected:
GE addressed the vulnerabilities with the release of GE Communicator 4.0.517.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – GE Communicator, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
This website uses cookies.