Vulnerability Details CVE-2021-36797
In Victron Energy Venus OS through 2.72, root access is granted by default to anyone with physical access to the device. NOTE: the vendor disagrees with the reporter's opinion about an alleged "security best practices" violation
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 15.0%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 7.2
References
Products affected by CVE-2021-36797
-
cpe:2.3:o:victronenergy:venus_os:-
-
cpe:2.3:o:victronenergy:venus_os:2.72