Vulnerabilities in Celeste 22.x was vulnerable to takeover from unauthenticated local attacker.
The product is designed with access restricted to certain information, but it does not sufficiently protect against an unauthorized actor with physical access to these areas.