Security Weakness Resulting in Potential Local Privilege Escalation When HA (High Availability) is Active

A weakness in the SMA100 Series exists when High Availability (HA) pair is active, potentially permitting an operation at a privilege's level that is higher than the minimum level required. If a malicious actor obtains a 'nobody' user shell on an impacted SMA100 device, this can potentially lead to commands being executed with root-level privilege. This is a SMA100 series security weakness, not a vulnerability that can be exploited remotely. 
Last updated: Sept. 23, 2021, 9:20 p.m.

Original Article

Leave a Reply

Your email address will not be published. Required fields are marked *