2 matches found
CVE-2022-21941
Affected product: iSTAR Ultra. Versions affected: all prior to 6.8.9.CU01. Issue: command injection that could allow an unauthenticated user to gain root access to the system, originating at the controller level. Root cause / nature: improper handling/neutralization of commands leading to privile...
CVE-2023-3127
CVE-2023-3127 concerns improper authentication in Sensormatic Electronics iSTAR devices (Ultra, Ultra LT, Ultra G2, Edge G2). The vulnerability allows an unauthenticated user to login with administrator rights, with CVSS v3.1 base score 7.5 (AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L) per CISA ICS and N...