Product
The Orbit agent is vulnerable to local privilege escalation due to Tcl command injection, where a crafted password containing '}' can inject arbitrary Tcl commands and allow an unprivileged local user to execute commands as root.