GE Communicator

Plan Patch8.1ICS-CERT ICSA-19-122-02May 2, 2019

Attack VectorNetwork

Auth RequiredNone

ComplexityHigh

User InteractionNone needed

Summary

GE Communicator (Application, MeterManager, Installer, PostgreSQL, WISE Uninstaller) versions prior to 4.0.517 contain multiple vulnerabilities including insecure widget handling (CWE-427), hardcoded credentials (CWE-798), and improper access controls (CWE-284). Successful exploitation could allow an attacker to gain administrative privileges, manipulate UI elements and widgets, take control of the database, or execute administrative commands.

What this means

What could happen

An attacker could gain administrative control of GE Communicator, potentially altering meter data, changing system configurations, or disrupting the application's ability to monitor and manage electrical distribution systems in energy utilities.

Who's at risk

Energy utilities operating GE Communicator for meter management and electrical distribution monitoring. This includes IT staff managing SCADA/EMS systems, meter data management (MDM) platforms, and any organization using GE's grid solutions software for power distribution oversight.

How it could be exploited

An attacker with network access to the Communicator application can exploit insecure credential handling or access control flaws to bypass authentication and gain administrative privileges. Once authenticated as admin, the attacker can modify database contents, change application settings, or execute commands that alter metering or control logic.

Prerequisites

Network reachability to the Communicator application
No authentication required for some exploit paths (hardcoded credentials or access control bypass)

remotely exploitableno authentication required (hardcoded credentials)high CVSS score (8.1)affects database and administrative functionsno patch available for older unsupported versions

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (5)

5 with fix

ProductAffected VersionsFix Status

Communicator MeterManager: all< 4.0.5174.0.517 or later

Communicator Application: all< 4.0.5174.0.517 or later

Communicator Installer: all< 4.0.5174.0.517 or later

Communicator PostGreSQL: all< 4.0.5174.0.517 or later

Communicator WISE Uninstaller: all< 4.0.5174.0.517 or later

Remediation & Mitigation

0/6

Do now

0/2

HARDENINGEnsure Windows default firewall rules are enabled and active

HARDENINGRestrict network access to Communicator to authorized internal networks only; do not expose to the Internet

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade GE Communicator to version 4.0.517 or newer

HARDENINGImplement least privilege access controls across Communicator users and service accounts

Long-term hardening

0/2

HARDENINGIsolate Communicator and meter management systems from the business network using firewalls and network segmentation

HARDENINGIf remote access is required, implement secure VPN with current patches and monitor for suspicious activity

CVEs (5)

CVE-2019-6564 CVE-2019-6546 CVE-2019-6548 CVE-2019-6544 CVE-2019-6566

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/48ede119-1c6f-444e-8b10-3f6ccc1e0bd1