CVE-2018-13341

Name of the Vulnerable Software and Affected Versions Crestron TSW-X60 versions prior to 2.001.0037.001 Crestron MC3 versions prior to 1.502.0047.00

Description The issue allows attackers to calculate passwords for special sudo accounts using information accessible to regular users. This could enable them to execute hidden API calls and escape the sandbox environment with elevated privileges.

Recommendations For Crestron TSW-X60 versions prior to 2.001.0037.001, update to version 2.001.0037.001 or later. For Crestron MC3 versions prior to 1.502.0047.00, update to version 1.502.0047.00 or later.