CVE-2019-18243

INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
The affected product allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation.

Risk Information

  • CVE ID
  • CVE-2019-18243
  • Vendor
  • GE Digital
  • Product
  • iFIX
  • CVSS v3
  • 6.1