PT-2025-9878 · Unknown · Secsettingsintelligence
Sam
·
Published
2025-03-06
·
Updated
2025-03-06
·
CVE-2025-20903
CVSS v3.1
7.3
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SecSettingsIntelligence versions prior to SMR Mar-2025 Release 1
Description
The issue is related to improper access control, allowing local attackers to launch privileged activities. User interaction is required to trigger this issue.
Recommendations
For versions prior to SMR Mar-2025 Release 1, update to SMR Mar-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Secsettingsintelligence