@alternativeto „critical” is HUGE exaggeration. Long, physical access, during auth is required (and CVSS for this flaw is 4.9/10)