cvedb.io
CVE-2018-13341
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2018-08-10T19:29:00.380 · Last modified 2026-06-17T01:39:14.647

Summary

Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execute hidden API calls and escape the CTP console sandbox environment with elevated privileges.

Affected products

crestron — tsw-x60_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when crestron ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.