An issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local attacker to escalate privileges via the password component.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.