CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
9.0%
SR-7100VN provided by ICOM INCORPORATED contains a privilege escalation vulnerability (CWE-268).
A user with an administrator privilege of the product may obtain administrative privileges of the OS (Operating System). As a result, an arbitrary OS command may be executed by the user.
Update the Firmware
Update the firmware according to the information provided by the developer.
The developer states that the vulnerability was fixed in the following versions: