A low-privileged attacker in bluetooth range may be able to access the password of a higher-privilege user (Maintenance) by viewing the deviceβs event log. This vulnerability could allow the Operator to authenticate as the Maintenance user, thereby gaining unauthorized access to sensitive configuration settings and the ability to modify device parameters.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanationCVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1 reference(s) from NVD