• frongt@lemmy.zip
    link
    fedilink
    arrow-up
    1
    arrow-down
    3
    ·
    1 month ago

    Right. The common one is an initially malicious device given to an unsuspecting user. This is a stock device that a user already has and trusts. It’s a huge vulnerability that an unauthenticated user can completely take it over. This is a 9.3 CVE, without even considering pivoting to the PC.