Victron Energy · Victron Energy Venus Os · CVE-2021-36797
**Name of the Vulnerable Software and Affected Versions**
Victron Energy Venus OS versions through 2.72
**Description**
The issue allows root access by default to anyone with physical access to the device, which may be considered a violation of security best practices. However, the vendor disagrees with this assessment.
**Recommendations**
For Victron Energy Venus OS versions through 2.72, consider restricting physical access to the device to minimize the risk of unauthorized root access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.