Xdek42

**Name of the Vulnerable Software and Affected Versions** ThemeManager versions prior to SMR Jun-2025 Release 1 **Description** The issue is related to improper privilege management, allowing local privileged attackers to reuse trial items. This could potentially be exploited by attackers with local access. **Recommendations** For versions prior to SMR Jun-2025 Release 1, update to SMR Jun-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the ThemeManager to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SmartManagerCN versions prior to SMR May-2025 Release 1 **Description** The issue is related to improper access control, allowing local attackers to launch activities within the affected software. This could potentially lead to unauthorized access and actions. **Recommendations** For versions prior to SMR May-2025 Release 1, update to SMR May-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.