CVE-2019-18255

INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
The affected product allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation.

Risk Information

  • CVE ID
  • CVE-2019-18255
  • Vendor
  • GE Digital
  • Product
  • iFIX
  • CVSS v3
  • 6.1