The firmware in eSeSIX Thintune Client contains a flaw that may allow a remote attacker to bypass authentication settings. The problem is that a user doesn't have to press <Enter> when prompted for the control center and lshell passwords. When the passwords are too short, it is possible for a remote attacker to guess the passwords by pressing the first correct letter which will allow successful login, resulting in a loss of confidentiality.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Choose long passwords.