The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.CreditsAmir Preminger of Claroty reported these vulnerabilities to CISAReferenceshttps://us-cert.cisa.gov/ics/advisories/icsa-21-278-02
