CVE-2025-20957

Name of the Vulnerable Software and Affected Versions SmartManagerCN versions prior to SMR May-2025 Release 1

Description The issue is related to improper access control in SmartManagerCN, which allows local attackers to launch arbitrary activities with SmartManagerCN privilege. This can be exploited by attackers to gain unauthorized access and perform malicious actions.

Recommendations For versions prior to SMR May-2025 Release 1, update to SMR May-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive features and functionalities within SmartManagerCN to minimize the risk of exploitation.