Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CLI of the device could make use of the nice command to bypass all restrictions and elevate privileges as a superuser.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.