CVE-2021-36797

Name of the Vulnerable Software and Affected Versions Victron Energy Venus OS versions through 2.72

Description The issue allows root access by default to anyone with physical access to the device, which may be considered a violation of security best practices. However, the vendor disagrees with this assessment.

Recommendations For Victron Energy Venus OS versions through 2.72, consider restricting physical access to the device to minimize the risk of unauthorized root access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.