The Faster Permissions module 7.x-2.x before 7.x-1.2 for Drupal does not check the "administer permissions" permission, which allows remote attackers to modify access permissions via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 70.8%