CVE-2019-5024

Name of the Vulnerable Software and Affected Versions Capsule Technologies SmartLinx Neuron 2 versions 9.0.3 or lower

Description A restricted environment escape issue exists in the "kiosk mode" function, allowing an attacker to escape the restricted environment with a specific series of keyboard inputs. This results in full administrator access to the underlying operating system. An attacker can connect to the device via USB port with a keyboard or other HID device to trigger this issue.

Recommendations For versions 9.0.3 or lower, consider restricting access to the USB port to minimize the risk of exploitation, and avoid using the "kiosk mode" function until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.