GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade.Referenceshttps://ics-cert.us-cert.gov/advisories/ICSA-19-122-02
