The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.CreditsAmir Preminger of Claroty reported these vulnerabilities to CISA.Referenceshttps://us-cert.cisa.gov/ics/advisories/icsa-21-292-01
