Hi J, we have internally analyzed the vulnerabilities when we were first notified about it a while back. To exploit the vulnerabilities, a local user account on the device with shell access is required. This is by default not the case on the ctrlX CORE. You have to request a system-user to be able to log in via e.g. SSH first - and then you already have root permissions, which makes the exploitation obsolete. So - no, we are not affected and therefore no advisory was published.
... View more