Crestron · Crestron Tsw-X60 · CVE-2018-13341
**Name of the Vulnerable Software and Affected Versions**
Crestron TSW-X60 versions prior to 2.001.0037.001
Crestron MC3 versions prior to 1.502.0047.00
**Description**
The issue allows attackers to calculate passwords for special sudo accounts using information accessible to regular users. This could enable them to execute hidden API calls and escape the sandbox environment with elevated privileges.
**Recommendations**
For Crestron TSW-X60 versions prior to 2.001.0037.001, update to version 2.001.0037.001 or later.
For Crestron MC3 versions prior to 1.502.0047.00, update to version 1.502.0047.00 or later.