Search criteria
80 vulnerabilities
CVE-2025-43876 (GCVE-0-2025-43876)
Vulnerability from cvelistv5 – Published: 2025-12-24 15:27 – Updated: 2025-12-24 16:20
VLAI?
Title
iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - get8021xSettings
Summary
Under certain circumstances a successful exploitation could result in access to the device.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Johnson Controls | iSTAR Ultra, iSTAR Ultra SE |
Affected:
0 , ≤ 6.9.7
(custom)
|
|||||||
|
|||||||||
Credits
Johnson Controls reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43876",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-24T16:20:37.974061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T16:20:55.776Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "iSTAR Ultra, iSTAR Ultra SE",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "6.9.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "6.9.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Johnson Controls reported these vulnerabilities to CISA."
}
],
"datePublic": "2025-12-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances a successful exploitation \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecould result in access to the device.\u003c/span\u003e"
}
],
"value": "Under certain circumstances a successful exploitation could result in access to the device."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88: OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T15:27:06.898Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgba(5, 21, 36, 0.06);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpgrade iSTAR Ultra, iSTAR Ultra SE to version 6.9.7.CU01 or greater.\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003eUpgrade iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 to version 6.9.3 or greater\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "* Upgrade iSTAR Ultra, iSTAR Ultra SE to version 6.9.7.CU01 or greater.\n * Upgrade iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 to version 6.9.3 or greater"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - get8021xSettings",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-43876",
"datePublished": "2025-12-24T15:27:06.898Z",
"dateReserved": "2025-04-17T20:07:25.122Z",
"dateUpdated": "2025-12-24T16:20:55.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43875 (GCVE-0-2025-43875)
Vulnerability from cvelistv5 – Published: 2025-12-24 15:19 – Updated: 2025-12-24 16:21
VLAI?
Title
iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - getOptionsInfo
Summary
Under certain circumstances a successful exploitation could result in access to the device.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Johnson Controls | iSTAR Ultra, iSTAR Ultra SE |
Affected:
0 , ≤ 6.9.7
(custom)
|
|||||||
|
|||||||||
Credits
Johnson Controls reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43875",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-24T16:21:20.354036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T16:21:31.227Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "iSTAR Ultra, iSTAR Ultra SE",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "6.9.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "6.9.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Johnson Controls reported these vulnerabilities to CISA."
}
],
"datePublic": "2025-12-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances a successful exploitation \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecould result in access to the device.\u003c/span\u003e"
}
],
"value": "Under certain circumstances a successful exploitation could result in access to the device."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88: OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T15:24:12.546Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgba(5, 21, 36, 0.06);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpgrade iSTAR Ultra, iSTAR Ultra SE to version 6.9.7.CU01 or greater.\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003eUpgrade iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 to version 6.9.3 or greater\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "* Upgrade iSTAR Ultra, iSTAR Ultra SE to version 6.9.7.CU01 or greater.\n * Upgrade iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 to version 6.9.3 or greater"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - getOptionsInfo",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-43875",
"datePublished": "2025-12-24T15:19:19.145Z",
"dateReserved": "2025-04-17T20:07:25.122Z",
"dateUpdated": "2025-12-24T16:21:31.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61740 (GCVE-0-2025-61740)
Vulnerability from cvelistv5 – Published: 2025-12-22 14:32 – Updated: 2025-12-22 16:20
VLAI?
Title
Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG Origin Validation Error
Summary
Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device.
Severity ?
CWE
- CWE-346 - Origin Validation Error
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | IQ Panels2, 2+, IQHub, IQPanel 4, PowerG |
Affected:
IQ Panels2 , ≤ 2
(custom)
Affected: IQ Panels2+ , ≤ 2+ (custom) Affected: IQHub (custom) Affected: IQPanel 4 , ≤ 4.6.0 (custom) Affected: PowerG , ≤ 53.02 (custom) |
Credits
James Chambers of NCC group
Sultan Qasim Khan of NCC group
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61740",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T16:19:54.221428Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T16:20:04.536Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IQ Panels2, 2+, IQHub, IQPanel 4, PowerG",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2",
"status": "affected",
"version": "IQ Panels2",
"versionType": "custom"
},
{
"lessThanOrEqual": "2+",
"status": "affected",
"version": "IQ Panels2+",
"versionType": "custom"
},
{
"status": "affected",
"version": "IQHub",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.6.0",
"status": "affected",
"version": "IQPanel 4",
"versionType": "custom"
},
{
"lessThanOrEqual": "53.02",
"status": "affected",
"version": "PowerG",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "James Chambers of NCC group"
},
{
"lang": "en",
"type": "finder",
"value": "Sultan Qasim Khan of NCC group"
}
],
"datePublic": "2025-12-16T14:23:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u0026nbsp;Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device.\u003cbr\u003e"
}
],
"value": "Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device."
}
],
"impacts": [
{
"capecId": "CAPEC-21",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-21 Exploitation of Trusted Identifiers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T14:32:07.619Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-350-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "a. Update IQ Panel 4\u2019s to version 4.6.1/4.6.1i\u003cbr\u003eb. Devices that support PowerG+ should use PowerG v53.05 or later. \u003cbr\u003ec. During the installation or enrollment of PowerG+ devices, enter the PIN code in the PIN Code field on the sensor enrollment screen. For additional security, Johnson Controls recommends only authorized company personnel or integrators be present during the pairing process\u003cbr\u003ed. Replace all End-of-Life Products (IQ Panel 2, IQ Panel 2+, IQ Hub) with the latest IQ Panel 4 using firmware version 4.6.1 or greater\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "a. Update IQ Panel 4\u2019s to version 4.6.1/4.6.1i\nb. Devices that support PowerG+ should use PowerG v53.05 or later. \nc. During the installation or enrollment of PowerG+ devices, enter the PIN code in the PIN Code field on the sensor enrollment screen. For additional security, Johnson Controls recommends only authorized company personnel or integrators be present during the pairing process\nd. Replace all End-of-Life Products (IQ Panel 2, IQ Panel 2+, IQ Hub) with the latest IQ Panel 4 using firmware version 4.6.1 or greater"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG Origin Validation Error",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-61740",
"datePublished": "2025-12-22T14:32:07.619Z",
"dateReserved": "2025-09-30T15:51:17.096Z",
"dateUpdated": "2025-12-22T16:20:04.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-26379 (GCVE-0-2025-26379)
Vulnerability from cvelistv5 – Published: 2025-12-22 14:21 – Updated: 2025-12-22 16:19
VLAI?
Title
Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG use of Cryptographically Weak Pseudo-Random Number Generator
Summary
Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets.
Severity ?
CWE
- CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | IQ Panels2, 2+, IQHub, IQPanel 4, PowerG |
Affected:
IQ Panels2 , ≤ 2
(custom)
Affected: IQ Panel 2+ , ≤ 2+ (custom) Affected: IQHub (custom) Affected: IQPanel 4 , ≤ 4.6.0 (custom) Affected: PowerG , ≤ 53.02 (custom) |
Credits
James Chambersof NCC Group
and Sultan Qasim Khan NCC Group
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T16:19:13.074335Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T16:19:25.130Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IQ Panels2, 2+, IQHub, IQPanel 4, PowerG",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2",
"status": "affected",
"version": "IQ Panels2",
"versionType": "custom"
},
{
"lessThanOrEqual": "2+",
"status": "affected",
"version": "IQ Panel 2+",
"versionType": "custom"
},
{
"status": "affected",
"version": "IQHub",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.6.0",
"status": "affected",
"version": "IQPanel 4",
"versionType": "custom"
},
{
"lessThanOrEqual": "53.02",
"status": "affected",
"version": "PowerG",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "James Chambersof NCC Group"
},
{
"lang": "en",
"type": "finder",
"value": "and Sultan Qasim Khan NCC Group"
}
],
"datePublic": "2025-12-16T14:11:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets.\u003cbr\u003e"
}
],
"value": "Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets."
}
],
"impacts": [
{
"capecId": "CAPEC-59",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-59 Session Credential Falsification through Prediction"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T14:21:29.597Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-350-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "a. Update IQ Panel 4\u2019s to version 4.6.1/4.6.1i\u003cbr\u003eb. Devices that support PowerG+ should use PowerG v53.05 or later. \u003cbr\u003ec. During the installation or enrollment of PowerG+ devices, enter the PIN code in the PIN Code field on the sensor enrollment screen. For additional security, Johnson Controls recommends only authorized company personnel or integrators be present during the pairing process\u003cbr\u003ed. Replace all End-of-Life Products (IQ Panel 2, IQ Panel 2+, IQ Hub) with the latest IQ Panel 4 using firmware version 4.6.1 or greater\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "a. Update IQ Panel 4\u2019s to version 4.6.1/4.6.1i\nb. Devices that support PowerG+ should use PowerG v53.05 or later. \nc. During the installation or enrollment of PowerG+ devices, enter the PIN code in the PIN Code field on the sensor enrollment screen. For additional security, Johnson Controls recommends only authorized company personnel or integrators be present during the pairing process\nd. Replace all End-of-Life Products (IQ Panel 2, IQ Panel 2+, IQ Hub) with the latest IQ Panel 4 using firmware version 4.6.1 or greater"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG use of Cryptographically Weak Pseudo-Random Number Generator",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-26379",
"datePublished": "2025-12-22T14:21:29.597Z",
"dateReserved": "2025-02-07T14:15:53.879Z",
"dateUpdated": "2025-12-22T16:19:25.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61739 (GCVE-0-2025-61739)
Vulnerability from cvelistv5 – Published: 2025-12-22 10:19 – Updated: 2025-12-22 13:09
VLAI?
Title
Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG reusing a nonce, key pair in encryption
Summary
Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets.
Severity ?
CWE
- CWE-323 - Reusing a Nonce, Key pair in encryption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | IQ Panels2, 2+, IQHub, IQPanel 4, PowerG |
Affected:
IQPanel2 , ≤ 2
(custom)
Affected: IQ Panels 2+ , ≤ 2+ (custom) Affected: IQHub (custom) Affected: IQPanel 4 , ≤ 4.6.0 (custom) |
Credits
James Chambers of NCC Group
Sultan Qasim Khan of NCC Group
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T13:09:06.933752Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T13:09:17.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IQ Panels2, 2+, IQHub, IQPanel 4, PowerG",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2",
"status": "affected",
"version": "IQPanel2",
"versionType": "custom"
},
{
"lessThanOrEqual": "2+",
"status": "affected",
"version": "IQ Panels 2+",
"versionType": "custom"
},
{
"status": "affected",
"version": "IQHub",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.6.0",
"status": "affected",
"version": "IQPanel 4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "James Chambers of NCC Group"
},
{
"lang": "en",
"type": "finder",
"value": "Sultan Qasim Khan of NCC Group"
}
],
"datePublic": "2025-12-16T10:09:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u0026nbsp;Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets."
}
],
"value": "Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets."
}
],
"impacts": [
{
"capecId": "CAPEC-216",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-216 Communication Channel Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323 Reusing a Nonce, Key pair in encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T10:19:34.183Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-350-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "a. Update IQ Panel 4\u2019s to version 4.6.1/4.6.1i\u003cbr\u003eb. Devices that support PowerG+ should use PowerG v53.05 or later. \u003cbr\u003ec. During the installation or enrollment of PowerG+ devices, enter the PIN code in the PIN Code field on the sensor enrollment screen. For additional security, Johnson Controls recommends only authorized company personnel or integrators be present during the pairing process\u003cbr\u003ed. Replace all End-of-Life Products (IQ Panel 2, IQ Panel 2+, IQ Hub) with the latest IQ Panel 4 using firmware version 4.6.1 or greater\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "a. Update IQ Panel 4\u2019s to version 4.6.1/4.6.1i\nb. Devices that support PowerG+ should use PowerG v53.05 or later. \nc. During the installation or enrollment of PowerG+ devices, enter the PIN code in the PIN Code field on the sensor enrollment screen. For additional security, Johnson Controls recommends only authorized company personnel or integrators be present during the pairing process\nd. Replace all End-of-Life Products (IQ Panel 2, IQ Panel 2+, IQ Hub) with the latest IQ Panel 4 using firmware version 4.6.1 or greater"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG reusing a nonce, key pair in encryption",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-61739",
"datePublished": "2025-12-22T10:19:34.183Z",
"dateReserved": "2025-09-30T15:51:17.096Z",
"dateUpdated": "2025-12-22T13:09:17.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61738 (GCVE-0-2025-61738)
Vulnerability from cvelistv5 – Published: 2025-12-22 10:07 – Updated: 2025-12-22 14:09
VLAI?
Title
Johnson Controls PowerG and IQPanel cleartext transmission of sensitive information
Summary
Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network.
Severity ?
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | IQPanel2, IQHub,IQPanel2+,IQPanel 4,PowerG |
Affected:
IQPanel2 , ≤ 2
(custom)
Affected: IQHub (custom) Affected: IQPanel2+ , ≤ 2+ (custom) Affected: ,IQPanel 4 , ≤ 4.6.0 (custom) Affected: PowerG , ≤ 53.02 (custom) |
Credits
James Chambers of NCC Group
Sultan Qasim Khan of NCC Group
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61738",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T13:14:58.080040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T13:18:28.352Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IQPanel2,\tIQHub,IQPanel2+,IQPanel 4,PowerG",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2",
"status": "affected",
"version": "IQPanel2",
"versionType": "custom"
},
{
"status": "affected",
"version": "IQHub",
"versionType": "custom"
},
{
"lessThanOrEqual": "2+",
"status": "affected",
"version": "IQPanel2+",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.6.0",
"status": "affected",
"version": ",IQPanel 4",
"versionType": "custom"
},
{
"lessThanOrEqual": "53.02",
"status": "affected",
"version": "PowerG",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "James Chambers of NCC Group"
},
{
"lang": "en",
"type": "finder",
"value": "Sultan Qasim Khan of NCC Group"
}
],
"datePublic": "2025-12-16T09:40:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u0026nbsp;Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network."
}
],
"value": "Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network."
}
],
"impacts": [
{
"capecId": "CAPEC-158",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-158 Sniffing Network Traffic"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.3,
"baseSeverity": "LOW",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T14:09:49.340Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-350-02"
},
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "a. Update IQ Panel 4\u2019s to version 4.6.1/4.6.1i\u003cbr\u003eb. Devices that support PowerG+ should use PowerG v53.05 or later. \u003cbr\u003ec. During the installation or enrollment of PowerG+ devices, enter the PIN code in the PIN Code field on the sensor enrollment screen. For additional security, Johnson Controls recommends only authorized company personnel or integrators be present during the pairing process\u003cbr\u003ed. Replace all End-of-Life Products (IQ Panel 2, IQ Panel 2+, IQ Hub) with the latest IQ Panel 4 using firmware version 4.6.1 or greater\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "a. Update IQ Panel 4\u2019s to version 4.6.1/4.6.1i\nb. Devices that support PowerG+ should use PowerG v53.05 or later. \nc. During the installation or enrollment of PowerG+ devices, enter the PIN code in the PIN Code field on the sensor enrollment screen. For additional security, Johnson Controls recommends only authorized company personnel or integrators be present during the pairing process\nd. Replace all End-of-Life Products (IQ Panel 2, IQ Panel 2+, IQ Hub) with the latest IQ Panel 4 using firmware version 4.6.1 or greater"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Johnson Controls PowerG and IQPanel cleartext transmission of sensitive information",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-61738",
"datePublished": "2025-12-22T10:07:19.789Z",
"dateReserved": "2025-09-30T15:51:17.096Z",
"dateUpdated": "2025-12-22T14:09:49.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-26381 (GCVE-0-2025-26381)
Vulnerability from cvelistv5 – Published: 2025-12-17 16:13 – Updated: 2025-12-17 16:45
VLAI?
Title
OpenBlue Mobile Web Application configuration issue for optional for OpenBlue Workplace (formerly FM Systems)
Summary
Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information.
Severity ?
CWE
- CWE-425 - Direct Request ('Forced Browsing')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | OpenBlue Workplace (formerly FM Systems) |
Affected:
0 , ≤ 2025.1.2
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26381",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T16:45:41.544710Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T16:45:49.543Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenBlue Workplace (formerly FM Systems)",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2025.1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-12-04T16:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSuccessful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information.\u003c/span\u003e"
}
],
"value": "Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information."
}
],
"impacts": [
{
"capecId": "CAPEC-87",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-87 Forceful Browsing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-425",
"description": "CWE-425 Direct Request (\u0027Forced Browsing\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T16:13:38.069Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://https://www.cisa.gov/news-events/ics-advisories/icsa-25-338-03"
},
{
"url": "https://tyco.widen.net/view/pdf/xmejieec4b/JCI-PSA-2025-05.pdf?t.download=true\u0026u=aiurfs"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eUpgrade to patch level 2025.1.3 or above when available. Note: When this patch is applied, skip the below two steps.\u003c/li\u003e\u003cli\u003eDisable the Mobile Application in Microsoft Internet Information Services (IIS) or Disable the mobile application within Microsoft Internet Information Services (IIS) at the application pool level.\u003c/li\u003e\u003cli\u003eUse the primary OpenBlue Workplace web interface: To complete the tasks you\u0027ve previously accomplished in OpenBlue Workplace Mobile interface, the primary Workplace web interface provides a subset of the Mobile functionality and is available here: [base url]/FMInteract/Default.aspx?DashboardType=Homepage.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "* Upgrade to patch level 2025.1.3 or above when available. Note: When this patch is applied, skip the below two steps.\n * Disable the Mobile Application in Microsoft Internet Information Services (IIS) or Disable the mobile application within Microsoft Internet Information Services (IIS) at the application pool level.\n * Use the primary OpenBlue Workplace web interface: To complete the tasks you\u0027ve previously accomplished in OpenBlue Workplace Mobile interface, the primary Workplace web interface provides a subset of the Mobile functionality and is available here: [base url]/FMInteract/Default.aspx?DashboardType=Homepage."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "OpenBlue Mobile Web Application configuration issue for optional for OpenBlue Workplace (formerly FM Systems)",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-26381",
"datePublished": "2025-12-17T16:13:38.069Z",
"dateReserved": "2025-02-07T14:15:53.880Z",
"dateUpdated": "2025-12-17T16:45:49.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43873 (GCVE-0-2025-43873)
Vulnerability from cvelistv5 – Published: 2025-12-17 15:53 – Updated: 2025-12-17 16:42
VLAI?
Title
iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - setFaultDebounce
Summary
Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Control | iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 |
Affected:
0 , ≤ 6.9.3
(custom)
|
Credits
Reid Wightman of Dragos reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43873",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T16:42:09.310159Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T16:42:19.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2",
"vendor": "Johnson Control",
"versions": [
{
"lessThanOrEqual": "6.9.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reid Wightman of Dragos reported these vulnerabilities to CISA."
}
],
"datePublic": "2025-12-12T15:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSuccessful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88: OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T15:53:04.477Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eUpgrade iSTAR Ultra, iSTAR Ultra SE, iStar Ultra LT to version 6.9.7.CU01 or greater.\u003c/li\u003e\u003cli\u003eUpgrade iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 to version 6.9.3 or greater.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "* Upgrade iSTAR Ultra, iSTAR Ultra SE, iStar Ultra LT to version 6.9.7.CU01 or greater.\n * Upgrade iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 to version 6.9.3 or greater."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - setFaultDebounce",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-43873",
"datePublished": "2025-12-17T15:53:04.477Z",
"dateReserved": "2025-04-17T20:07:25.122Z",
"dateUpdated": "2025-12-17T16:42:19.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-61736 (GCVE-0-2025-61736)
Vulnerability from cvelistv5 – Published: 2025-12-17 12:36 – Updated: 2025-12-17 15:09
VLAI?
Title
iSTAR- Improper Validation of Certificate Expiration
Summary
Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires.
Severity ?
CWE
- CWE-298 - Improper Validation of certificate expiration
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | iSTAReX, iSTAR Edge, iSTAR Ultra LT, iSTAR Ultra , iSTAR Ultra SE |
Affected:
iSTAR All versions prior to TLS 1.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-61736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T15:07:21.695642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T15:09:46.607Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "iSTAReX, iSTAR Edge, iSTAR Ultra LT, iSTAR Ultra , iSTAR Ultra SE",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "iSTAR All versions prior to TLS 1.2"
}
]
}
],
"datePublic": "2025-12-04T12:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSuccessful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires.\u003c/span\u003e"
}
],
"value": "Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires."
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94: Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-298",
"description": "CWE-298-Improper Validation of certificate expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T12:36:24.178Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-338-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJohnson Controls recommends the following mitigations:\u003c/p\u003e\u003cp\u003eHost-based certificates using TLS 1.2:\u003c/p\u003e\u003cul\u003e\u003cli\u003eQuickest solution\u003c/li\u003e\u003cli\u003eNo Upgrade required to specific C\u2022CURE or iSTAR software/firmware versions\u003c/li\u003e\u003cli\u003eRequires downloading a new certificate to all iSTAR panels simultaneously, resulting in a brief system downtime\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eConvert encryption mode to TLS 1.3, per cluster:\u003c/p\u003e\u003cul\u003e\u003cli\u003eRequires firmware 6.9.0 or higher, and C\u2022CURE 9000 v2.90 SP3 or higher\u003c/li\u003e\u003cli\u003eEnables phased implementation by cluster, minimizing disruption\u003c/li\u003e\u003cli\u003eNote: TLS 1.3 is not supported on iSTAR eX, iSTAR Edge, and iSTAR Ultra LT panels\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eUpgrade legacy panels to new G2 hardware:\u003c/p\u003e\u003cul\u003e\u003cli\u003eRecommended for smaller systems due to time constraints\u003c/li\u003e\u003cli\u003eApplies primarily to iSTAR eX, iSTAR Edge, and iSTAR LT panels\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Johnson Controls recommends the following mitigations:\n\nHost-based certificates using TLS 1.2:\n\n * Quickest solution\n * No Upgrade required to specific C\u2022CURE or iSTAR software/firmware versions\n * Requires downloading a new certificate to all iSTAR panels simultaneously, resulting in a brief system downtime\n\n\nConvert encryption mode to TLS 1.3, per cluster:\n\n * Requires firmware 6.9.0 or higher, and C\u2022CURE 9000 v2.90 SP3 or higher\n * Enables phased implementation by cluster, minimizing disruption\n * Note: TLS 1.3 is not supported on iSTAR eX, iSTAR Edge, and iSTAR Ultra LT panels\n\n\nUpgrade legacy panels to new G2 hardware:\n\n * Recommended for smaller systems due to time constraints\n * Applies primarily to iSTAR eX, iSTAR Edge, and iSTAR LT panels"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "iSTAR- Improper Validation of Certificate Expiration",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-61736",
"datePublished": "2025-12-17T12:36:24.178Z",
"dateReserved": "2025-09-30T15:51:17.096Z",
"dateUpdated": "2025-12-17T15:09:46.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-26383 (GCVE-0-2025-26383)
Vulnerability from cvelistv5 – Published: 2025-06-11 15:36 – Updated: 2025-06-11 15:52
VLAI?
Summary
The iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the Windows PC that ICU is running on.
Severity ?
CWE
- CWE-457 - Use of Uninitialized Variable
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | iSTAR Configuration Utility (ICU) |
Affected:
0 , ≤ All
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26383",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T15:52:07.949259Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T15:52:19.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "iSTAR Configuration Utility (ICU)",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "All",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the Windows PC that ICU is running on.\u003c/span\u003e"
}
],
"value": "The iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the Windows PC that ICU is running on."
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131: Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-457",
"description": "CWE-457: Use of Uninitialized Variable",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T15:36:41.067Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-146-01"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-26383",
"datePublished": "2025-06-11T15:36:41.067Z",
"dateReserved": "2025-02-07T14:15:53.880Z",
"dateUpdated": "2025-06-11T15:52:19.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-26382 (GCVE-0-2025-26382)
Vulnerability from cvelistv5 – Published: 2025-04-24 19:47 – Updated: 2025-04-24 20:09
VLAI?
Title
Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool
Summary
Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer overflow issue
Severity ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | iSTAR Configuration Utility (ICU) |
Affected:
0 , < 6.9.5
(custom)
|
Credits
Reid Wightman
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26382",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T19:59:52.038234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T20:02:34.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "iSTAR Configuration Utility (ICU)",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "6.9.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reid Wightman"
}
],
"datePublic": "2025-04-24T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer overflow issue"
}
],
"value": "Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer overflow issue"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100: Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T20:09:50.934Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-05"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade ICU to version 6.9.5 or greater\n\n\u003cbr\u003e"
}
],
"value": "Upgrade ICU to version 6.9.5 or greater"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-26382",
"datePublished": "2025-04-24T19:47:33.187Z",
"dateReserved": "2025-02-07T14:15:53.880Z",
"dateUpdated": "2025-04-24T20:09:50.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32862 (GCVE-0-2024-32862)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:57 – Updated: 2024-08-02 14:58
VLAI?
Title
exacqVision CORS
Summary
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.
Severity ?
6.8 (Medium)
CWE
- CWE-942 - Permissive Cross-domain Policy with Untrusted Domains
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
Credits
Diego Zaffaroni from Nozomi Networks
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "exacqvision_web_service",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T14:54:54.809433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T14:58:44.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cp\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.055);\"\u003eUnder certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains. \u003c/span\u003e\n\n\u003c/p\u003e\n\n\u003c/span\u003e\n\n \u003c/span\u003e"
}
],
"value": "Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-942",
"description": "CWE-942 Permissive Cross-domain Policy with Untrusted Domains",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:57:13.093Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003eUpdate exacqVision Web Service to version 24.06\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update exacqVision Web Service to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVision CORS",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32862",
"datePublished": "2024-08-01T21:57:13.093Z",
"dateReserved": "2024-04-19T13:45:43.929Z",
"dateUpdated": "2024-08-02T14:58:44.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32758 (GCVE-0-2024-32758)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:50 – Updated: 2024-08-06 20:35
VLAI?
Title
exacqVision - Key exchanges
Summary
Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange
Severity ?
CWE
- CWE-326 - Inadequate Encryption Strength
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0
(custom)
|
Credits
Reid Wightman of Dragos
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "exacqvision_server",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_client:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "exacqvision_client",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T20:29:29.999907Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:07.083Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reid Wightman of Dragos"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cp\u003eUnder certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange\u003c/p\u003e\n\n\u003c/span\u003e\n\n \u003c/span\u003e"
}
],
"value": "Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange"
}
],
"impacts": [
{
"capecId": "CAPEC-277",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-277: Data Interchange Protocol Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326: Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:50:16.134Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eFollow the guidance provided on the exacqVision Hardening Guide under the Password Strengthening section at \u003c/span\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.johnsoncontrols.com/trust-center/cybersecurity/resources.\"\u003ehttps://www.johnsoncontrols.com/trust-center/cybersecurity/resources.\u003c/a\u003e \n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Follow the guidance provided on the exacqVision Hardening Guide under the Password Strengthening section at \n https://www.johnsoncontrols.com/trust-center/cybersecurity/resources."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVision - Key exchanges",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32758",
"datePublished": "2024-08-01T21:50:16.134Z",
"dateReserved": "2024-04-17T17:26:35.181Z",
"dateUpdated": "2024-08-06T20:35:07.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32931 (GCVE-0-2024-32931)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:18 – Updated: 2024-08-06 20:35
VLAI?
Title
exacqVison - Token Disclosed in URL
Summary
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.
Severity ?
5.7 (Medium)
CWE
- CWE-598 - - Use of GET Request Method With Sensitive Query Strings
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
Credits
Diego Zaffaroni from Nozomi Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32931",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T20:35:29.938795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:43.344Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUnder certain circumstances the exacqVision Web Service can expose authentication token details within communications.\u003c/span\u003e\n\n \u003c/span\u003e"
}
],
"value": "Under certain circumstances the exacqVision Web Service can expose authentication token details within communications."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593: Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-598",
"description": "CWE-598 - Use of GET Request Method With Sensitive Query Strings",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:07.426Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-06"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUpdate exacqVision Web Service to version 24.06\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update exacqVision Web Service to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVison - Token Disclosed in URL",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32931",
"datePublished": "2024-08-01T21:18:07.426Z",
"dateReserved": "2024-04-19T17:27:45.230Z",
"dateUpdated": "2024-08-06T20:35:43.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32865 (GCVE-0-2024-32865)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:13 – Updated: 2024-08-02 14:36
VLAI?
Title
exacqVison - TLS certificate validation
Summary
Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.
Severity ?
6.4 (Medium)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
Credits
Diego Zaffaroni from Nozomi Networks
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_server:*:*:*:*:*:*:x86:*"
],
"defaultStatus": "unknown",
"product": "exacqvision_server",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32865",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T14:13:28.853898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T14:36:24.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003eUnder certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices. \u003c/span\u003e"
}
],
"value": "Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices."
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94: Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:13:24.868Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-05"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate exacqVision Server and exacqVision Client to version 24.06\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update exacqVision Server and exacqVision Client to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVison - TLS certificate validation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32865",
"datePublished": "2024-08-01T21:13:24.868Z",
"dateReserved": "2024-04-19T13:45:43.929Z",
"dateUpdated": "2024-08-02T14:36:24.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32864 (GCVE-0-2024-32864)
Vulnerability from cvelistv5 – Published: 2024-08-01 21:08 – Updated: 2024-08-05 19:10
VLAI?
Title
exacqVison - HTTPS Session Establishment
Summary
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
Severity ?
6.4 (Medium)
CWE
- CWE-319 - - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
Credits
Diego Zaffaroni from Nozomi Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T19:09:54.953664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T19:10:10.819Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)\u003c/span\u003e"
}
],
"value": "Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)"
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117: Interception"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 - Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T21:08:02.220Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUpdate exacqVision Web Service to version 24.06\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update exacqVision Web Service to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVison - HTTPS Session Establishment",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32864",
"datePublished": "2024-08-01T21:08:02.220Z",
"dateReserved": "2024-04-19T13:45:43.929Z",
"dateUpdated": "2024-08-05T19:10:10.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32863 (GCVE-0-2024-32863)
Vulnerability from cvelistv5 – Published: 2024-08-01 20:59 – Updated: 2024-08-02 14:59
VLAI?
Title
exacqVison - CSRF issues with Web Service
Summary
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)
Severity ?
6.8 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | exacqVision |
Affected:
0 , ≤ 24.03
(custom)
|
Credits
Diego Zaffaroni from Nozomi Networks
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:exacqvision_web_service:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "exacqvision_web_service",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T14:57:46.260348Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T14:59:25.751Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "exacqVision",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "24.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diego Zaffaroni from Nozomi Networks"
}
],
"datePublic": "2024-08-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUnder certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)\u003c/span\u003e"
}
],
"value": "Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)"
}
],
"impacts": [
{
"capecId": "CAPEC-176",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-176: Configuration/Environment Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T20:59:34.089Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update exacqVision Web Service to version 24.06\u003cbr\u003e"
}
],
"value": "Update exacqVision Web Service to version 24.06"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "exacqVison - CSRF issues with Web Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32863",
"datePublished": "2024-08-01T20:59:34.089Z",
"dateReserved": "2024-04-19T13:45:43.929Z",
"dateUpdated": "2024-08-02T14:59:25.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32861 (GCVE-0-2024-32861)
Vulnerability from cvelistv5 – Published: 2024-07-16 14:36 – Updated: 2025-07-21 15:57
VLAI?
Title
Software House C•CURE - CouchDB executable protection
Summary
Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions.
Severity ?
7.8 (High)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Software House C•CURE 9000 Installer |
Affected:
0 , ≤ 2.8
(custom)
|
Credits
Reid Wightman of Dragos
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:software_house_c-cure_9000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "software_house_c-cure_9000",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "3.00.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32861",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T14:55:26.330499Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T14:57:10.115Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/ICSA-24-191-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Software House C\u2022CURE 9000 Installer",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reid Wightman of Dragos"
}
],
"datePublic": "2024-07-16T14:32:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Under certain circumstances the impacted Software House C\u2022CURE 9000 installer will utilize unnecessarily wide permissions."
}
],
"value": "Under certain circumstances the impacted Software House C\u2022CURE 9000 installer will utilize unnecessarily wide permissions."
}
],
"impacts": [
{
"capecId": "CAPEC-653",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-653: Use of Known Operating System Credentials"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T15:57:46.437Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/ICSA-24-191-05"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u2022 Remove Full control and Write permissions. For non-administrator accounts, limit permissions to Read \u0026amp; Execute on the following path:\u003cbr\u003e\u2003\u2003\u2003o C:\\CouchDB\\bin \u003cbr\u003e\u003cbr\u003e"
}
],
"value": "\u2022 Remove Full control and Write permissions. For non-administrator accounts, limit permissions to Read \u0026 Execute on the following path:\n\u2003\u2003\u2003o C:\\CouchDB\\bin"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Software House C\u2022CURE - CouchDB executable protection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32861",
"datePublished": "2024-07-16T14:36:51.171Z",
"dateReserved": "2024-04-19T13:45:43.928Z",
"dateUpdated": "2025-07-21T15:57:46.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32753 (GCVE-0-2024-32753)
Vulnerability from cvelistv5 – Published: 2024-07-11 15:30 – Updated: 2024-08-16 14:50
VLAI?
Title
TYCO Illustra Pro Gen 4 - JQuery version
Summary
Under certain circumstances the camera may be susceptible to known vulnerabilities associated with the JQuery versions prior to 3.5.0 third-party component
Severity ?
CWE
- CWE-1395 - Dependency on Vulnerable Third-Party Component
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Johnson Controls | TYCO Illustra Pro4 Fixed cameras |
Affected:
0 , ≤ Illustra.SS016.05.03.01.0007
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_flex4_dualsensor_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "illustra_flex4_dualsensor_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "Illustra.SS022.24.03.00.0008",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_pro4_multisensor_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "illustra_pro4_multisensor_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "Illustra.SS017.24.03.00.0009",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_flex4_fixed_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "illustra_flex4_fixed_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "Illustra.SS018.24.03.00.0010",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_flex4_ptz_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "illustra_flex4_ptz_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "Illustra.SS018.24.03.00.0010",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_pro4_ptz_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "illustra_pro4_ptz_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "Illustra.SS010.24.03.00.0005",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_pro_gen_4_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "illustra_pro_gen_4_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThanOrEqual": "Illustra.SS016.05.03.01.0007",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32753",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T19:41:41.470969Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T14:23:41.965Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "TYCO Illustra Pro4 Fixed cameras",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "Illustra.SS016.05.03.01.0007",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TYCO Illustra Pro4 PTZ cameras",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "Illustra.SS010.24.03.00.0005",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TYCO Illustra Flex4 Fixed \u0026 PTZ cameras",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "Illustra.SS018.24.03.00.0010",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TYCO Illustra Pro4 MultiSensor Cameras",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "Illustra.SS017.24.03.00.0009",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TYCO Illustra Flex4 DualSensor Cameras",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "Illustra.SS022.24.03.00.0008",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-07-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances the camera may be susceptible to known vulnerabilities associated with the JQuery versions prior to 3.5.0 third-party component\u003c/span\u003e"
}
],
"value": "Under certain circumstances the camera may be susceptible to known vulnerabilities associated with the JQuery versions prior to 3.5.0 third-party component"
}
],
"impacts": [
{
"capecId": "CAPEC-588",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-588: DOM-Based XSS"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1395",
"description": "CWE-1395: Dependency on Vulnerable Third-Party Component",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T14:50:34.077Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003e\u003cp\u003eUpdate firmware of \u003cstrong\u003ePro4 Fixed\u003c/strong\u003e cameras to \u003cstrong\u003eIllustra.SS016.24.03.00.0007\u003c/strong\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eUpdate firmware of \u003cstrong\u003ePro4 PTZ\u003c/strong\u003e cameras to\u003cstrong\u003e Illustra.SS010.24.03.00.0005\u003c/strong\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eUpdate firmware of \u003cstrong\u003eFlex4 Fixed \u0026amp; PTZ\u003c/strong\u003e cameras to \u003cstrong\u003eIllustra.SS018.24.03.00.0010\u003c/strong\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eUpdate firmware of \u003cstrong\u003ePro4 MultiSensor \u003c/strong\u003ecameras to \u003cstrong\u003eIllustra.SS017.24.03.00.0009\u003c/strong\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eUpdate firmware of \u003cstrong\u003eFlex4 DualSensor \u003c/strong\u003ecameras to \u003cstrong\u003eIllustra.SS022.24.03.00.0008\u003c/strong\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "* Update firmware of Pro4 Fixed cameras to Illustra.SS016.24.03.00.0007\n\n\n * Update firmware of Pro4 PTZ cameras to Illustra.SS010.24.03.00.0005\n\n\n * Update firmware of Flex4 Fixed \u0026 PTZ cameras to Illustra.SS018.24.03.00.0010\n\n\n * Update firmware of Pro4 MultiSensor cameras to Illustra.SS017.24.03.00.0009\n\n\n * Update firmware of Flex4 DualSensor cameras to Illustra.SS022.24.03.00.0008"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "TYCO Illustra Pro Gen 4 - JQuery version",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32753",
"datePublished": "2024-07-11T15:30:39.367Z",
"dateReserved": "2024-04-17T17:26:35.180Z",
"dateUpdated": "2024-08-16T14:50:34.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32759 (GCVE-0-2024-32759)
Vulnerability from cvelistv5 – Published: 2024-07-10 17:43 – Updated: 2024-08-02 02:20
VLAI?
Title
Johnson Controls Software House C●CURE 9000 installer password strength
Summary
Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials.
Severity ?
CWE
- CWE-1391 - Use of Weak Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Software House C•CURE 9000 |
Affected:
0 , ≤ 2.80
(custom)
|
Credits
Reid Wightman of Dragos
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:software_house_c-cure_9000:2.80:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "software_house_c-cure_9000",
"vendor": "johnsoncontrols",
"versions": [
{
"status": "affected",
"version": "2.80"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32759",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T14:32:52.725607Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T14:37:16.078Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Software House C\u2022CURE 9000",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2.80",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reid Wightman of Dragos"
}
],
"datePublic": "2024-07-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances the Software House C\u25cfCURE 9000 installer will utilize weak credentials. \u003c/span\u003e\n\n"
}
],
"value": "Under certain circumstances the Software House C\u25cfCURE 9000 installer will utilize weak credentials."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1391",
"description": "CWE-1391: Use of Weak Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T17:43:01.428Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Software House C\u25cfCURE 9000 to at least version 2.90\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update Software House C\u25cfCURE 9000 to at least version 2.90"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Johnson Controls Software House C\u25cfCURE 9000 installer password strength",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32759",
"datePublished": "2024-07-10T17:43:01.428Z",
"dateReserved": "2024-04-17T17:26:35.181Z",
"dateUpdated": "2024-08-02T02:20:35.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32754 (GCVE-0-2024-32754)
Vulnerability from cvelistv5 – Published: 2024-07-04 10:43 – Updated: 2025-08-27 20:42
VLAI?
Title
Johnson Controls Kantech KT1, KT2, and KT400 Door Controllers - Exposure of Sensitive Information
Summary
Under certain circumstances, when the controller is in factory reset mode waiting for initial setup, it will broadcast its MAC address, serial number, and firmware version. Once configured, the controller will no longer broadcast this information.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Johnson Controls | Kantech KT1 Door Controller, Rev01 |
Affected:
0 , ≤ 2.09.10
(custom)
|
||||||||||||
|
||||||||||||||
Credits
National Computer Emergency Response Team (CERT) of India
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32754",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-05T19:54:50.619118Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T20:42:54.379Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.575Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-184-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kantech KT1 Door Controller, Rev01",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2.09.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Kantech KT2 Door Controller, Rev01",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2.09.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Kantech KT400 Door Controller, Rev01",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "3.01.16",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "National Computer Emergency Response Team (CERT) of India"
}
],
"datePublic": "2024-07-02T16:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances, when the controller is in factory reset mode waiting for initial setup, it will broadcast its MAC address, serial number, and firmware version. Once configured, the controller will no longer broadcast this information.\u003c/span\u003e\n\n"
}
],
"value": "Under certain circumstances, when the controller is in factory reset mode waiting for initial setup, it will broadcast its MAC address, serial number, and firmware version. Once configured, the controller will no longer broadcast this information."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117: Interception"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-04T10:46:41.686Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-184-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eUpdate Kantech door controllers as follows:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eUpdate Kantech KT1 Door Controller to at least version 3.10.12\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eUpdate Kantech KT2 Door Controller to at least version 3.10.12\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003eUpdate Kantech KT400 Door Controller to at least version 3.03\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Update Kantech door controllers as follows:\n\n * Update Kantech KT1 Door Controller to at least version 3.10.12\n\n\n * Update Kantech KT2 Door Controller to at least version 3.10.12\n\n\n * Update Kantech KT400 Door Controller to at least version 3.03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Johnson Controls Kantech KT1, KT2, and KT400 Door Controllers - Exposure of Sensitive Information",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32754",
"datePublished": "2024-07-04T10:43:46.161Z",
"dateReserved": "2024-04-17T17:26:35.180Z",
"dateUpdated": "2025-08-27T20:42:54.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32932 (GCVE-0-2024-32932)
Vulnerability from cvelistv5 – Published: 2024-07-02 14:08 – Updated: 2024-08-02 02:27
VLAI?
Title
American Dynamics Illustra Essentials Gen 4 - Reversible User Credential - stored web interface
Summary
Under certain circumstances the web interface users credentials may be recovered by an authenticated user.
Severity ?
6.8 (Medium)
CWE
- CWE-257 - Storing Passwords in a Recoverable Format
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | American Dynamics Illustra Essentials Gen 4 |
Unaffected:
0 , ≤ Illustra.Ess4.01.02.10.5982
(custom)
|
Credits
Sam Hanson of Dragos
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_essential_gen_4_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "illustra_essential_gen_4_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThan": "Illustra.Ess4.01.02.13.6953",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32932",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T19:29:03.524515Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T13:50:46.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:27:52.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "American Dynamics Illustra Essentials Gen 4",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "Illustra.Ess4.01.02.10.5982",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sam Hanson of Dragos"
}
],
"datePublic": "2024-06-27T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.055);\"\u003eUnder certain circumstances the web interface users credentials may be recovered by an authenticated user.\u003c/span\u003e"
}
],
"value": "Under certain circumstances the web interface users credentials may be recovered by an authenticated user."
}
],
"impacts": [
{
"capecId": "CAPEC-560",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-560: Use of Known Domain Credentials"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257: Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T11:54:42.152Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-07"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpgrade camera to Illustra.Ess4.01.02.13.6953\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Upgrade camera to Illustra.Ess4.01.02.13.6953"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "American Dynamics Illustra Essentials Gen 4 - Reversible User Credential - stored web interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32932",
"datePublished": "2024-07-02T14:08:17.013Z",
"dateReserved": "2024-04-19T17:27:45.230Z",
"dateUpdated": "2024-08-02T02:27:52.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32757 (GCVE-0-2024-32757)
Vulnerability from cvelistv5 – Published: 2024-07-02 14:02 – Updated: 2024-08-02 02:20
VLAI?
Title
American Dynamics Illustra Essentials Gen 4 - Linux Credential Leak
Summary
Under certain circumstances unnecessary user details are provided within system logs
Severity ?
6.8 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | American Dynamics Illustra Essentials Gen 4 |
Unaffected:
0 , ≤ Illustra.Ess4.01.02.10.5982
(custom)
|
Credits
Sam Hanson of Dragos
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_essential_gen_4_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "illustra_essential_gen_4_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThan": "Illustra.Ess4.01.02.13.6953",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T13:52:39.937857Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T13:52:43.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "American Dynamics Illustra Essentials Gen 4",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "Illustra.Ess4.01.02.10.5982",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sam Hanson of Dragos"
}
],
"datePublic": "2024-06-27T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances unnecessary user details are provided within system logs\u003c/span\u003e"
}
],
"value": "Under certain circumstances unnecessary user details are provided within system logs"
}
],
"impacts": [
{
"capecId": "CAPEC-653",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-653: Use of Known Operating System Credentials"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T11:52:43.770Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-06"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUpdate firmware to Illustra.Ess4.01.02.13.6953\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Update firmware to Illustra.Ess4.01.02.13.6953"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "American Dynamics Illustra Essentials Gen 4 - Linux Credential Leak",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32757",
"datePublished": "2024-07-02T14:02:15.247Z",
"dateReserved": "2024-04-17T17:26:35.181Z",
"dateUpdated": "2024-08-02T02:20:35.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32756 (GCVE-0-2024-32756)
Vulnerability from cvelistv5 – Published: 2024-07-02 13:53 – Updated: 2024-08-02 02:20
VLAI?
Title
American Dynamics Illustra Essentials Gen 4 - Reversible User Credential - Linux
Summary
Under certain circumstances the Linux users credentials may be recovered by an authenticated user.
Severity ?
6.8 (Medium)
CWE
- CWE-257 - Storing Passwords in a Recoverable Format
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | American Dynamics Illustra Essentials Gen 4 |
Affected:
0 , ≤ Illustra.Ess4.01.02.10.5982
(custom)
|
Credits
Sam Hanson of Dragos
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_essential_gen_4_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "illustra_essential_gen_4_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThan": "Illustra.Ess4.01.02.13.6953",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32756",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T13:53:13.833494Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T13:53:16.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "American Dynamics Illustra Essentials Gen 4",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "Illustra.Ess4.01.02.10.5982",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sam Hanson of Dragos"
}
],
"datePublic": "2024-06-27T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.06);\"\u003eUnder certain circumstances the Linux users credentials may be recovered by an authenticated user.\u003c/span\u003e"
}
],
"value": "Under certain circumstances the Linux users credentials may be recovered by an authenticated user."
}
],
"impacts": [
{
"capecId": "CAPEC-653",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-653: Use of Known Operating System Credentials"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257: Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T11:45:27.593Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-05"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgba(9, 30, 66, 0.024);\"\u003eUpgrade camera to Illustra.Ess4.01.02.13.6953\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Upgrade camera to Illustra.Ess4.01.02.13.6953"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "American Dynamics Illustra Essentials Gen 4 - Reversible User Credential - Linux",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32756",
"datePublished": "2024-07-02T13:53:18.769Z",
"dateReserved": "2024-04-17T17:26:35.180Z",
"dateUpdated": "2024-08-02T02:20:35.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32755 (GCVE-0-2024-32755)
Vulnerability from cvelistv5 – Published: 2024-07-02 13:38 – Updated: 2024-08-02 02:20
VLAI?
Title
American Dynamics Illustra Essentials Gen 4 - Log Filter Input Validation
Summary
Under certain circumstances the web interface will accept characters unrelated to the expected input.
Severity ?
9.1 (Critical)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | American Dynamics Illustra Essentials Gen 4 |
Affected:
0 , ≤ Illustra.Ess4.01.02.10.5982
(custom)
|
Credits
Sam Hanson of Dragos
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:johnsoncontrols:illustra_essential_gen_4_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "illustra_essential_gen_4_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"lessThan": "Illustra.Ess4.01.02.13.6953",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32755",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T19:35:11.858001Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T13:52:56.301Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "American Dynamics Illustra Essentials Gen 4",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "Illustra.Ess4.01.02.10.5982",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sam Hanson of Dragos"
}
],
"datePublic": "2024-06-27T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances the web interface will accept characters unrelated to the expected input.\u003c/span\u003e"
}
],
"value": "Under certain circumstances the web interface will accept characters unrelated to the expected input."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T11:48:50.087Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate firmware to Illustra.Ess4.01.02.13.6953\u003c/span\u003e"
}
],
"value": "Update firmware to Illustra.Ess4.01.02.13.6953"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "American Dynamics Illustra Essentials Gen 4 - Log Filter Input Validation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32755",
"datePublished": "2024-07-02T13:38:41.336Z",
"dateReserved": "2024-04-17T17:26:35.180Z",
"dateUpdated": "2024-08-02T02:20:35.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32752 (GCVE-0-2024-32752)
Vulnerability from cvelistv5 – Published: 2024-06-06 20:49 – Updated: 2025-04-24 20:05
VLAI?
Title
Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool
Summary
The iSTAR door controllers running firmware prior to version 6.6.B, does not support authenticated
communications with ICU, which may allow an attacker to gain unauthorized access
Severity ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Johnson Controls | iSTAR Configuration Utility (ICU) |
Affected:
0 , ≤ All
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Reid Wightman
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:johnsoncontrols:software_house_istar_pro_door_controller:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "software_house_istar_pro_door_controller",
"vendor": "johnsoncontrols",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"cpes": [
"cpe:2.3:h:johnsoncontrols:icu:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "icu",
"vendor": "johnsoncontrols",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-32752",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-07T16:00:39.441305Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T16:15:20.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-06.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-158-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "iSTAR Configuration Utility (ICU)",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "All",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "iSTAR Pro, Edge and eX",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "All",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "iSTAR Ultra and Ultra LT",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "6.6.B",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reid Wightman"
}
],
"datePublic": "2025-04-24T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The iSTAR door controllers running firmware prior to version 6.6.B, does not support authenticated\ncommunications with ICU, which may allow an attacker to gain unauthorized access"
}
],
"value": "The iSTAR door controllers running firmware prior to version 6.6.B, does not support authenticated\ncommunications with ICU, which may allow an attacker to gain unauthorized access"
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248: Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T20:05:35.350Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-158-04"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u2022 Replace the iSTAR Pro, Edge and eX door controllers with a current generation iSTAR door controller (such\nas iSTAR Ultra G2) which supports authentication and prevents the ICU from making configuration\nchanges.\n\u003cbr\u003e\u2022 Ensure your iSTAR Ultra and Ultra LT door controllers are running firmware 6.6.B or greater. \n\n\u003cbr\u003e"
}
],
"value": "\u2022 Replace the iSTAR Pro, Edge and eX door controllers with a current generation iSTAR door controller (such\nas iSTAR Ultra G2) which supports authentication and prevents the ICU from making configuration\nchanges.\n\n\u2022 Ensure your iSTAR Ultra and Ultra LT door controllers are running firmware 6.6.B or greater."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-32752",
"datePublished": "2024-06-06T20:49:53.476Z",
"dateReserved": "2024-04-17T17:26:35.180Z",
"dateUpdated": "2025-04-24T20:05:35.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0912 (GCVE-0-2024-0912)
Vulnerability from cvelistv5 – Published: 2024-06-05 23:23 – Updated: 2024-08-01 18:18
VLAI?
Title
CCURE passwords exposed to administrators
Summary
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Controls | Software House C•CURE 9000 |
Affected:
0 , ≤ 2.90
(custom)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:c-cure_9000_firmware:3.00.2:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "c-cure_9000_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"status": "affected",
"version": "3.00.2"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T13:26:19.917096Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T13:29:07.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-04.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Software House C\u2022CURE 9000",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2.90",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-05-14T23:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances the Microsoft\u00ae Internet Information Server (IIS) used to host the C\u2022CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C\u2022CURE 9000 or prior versions\u003c/span\u003e\n\n"
}
],
"value": "Under certain circumstances the Microsoft\u00ae Internet Information Server (IIS) used to host the C\u2022CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C\u2022CURE 9000 or prior versions"
}
],
"impacts": [
{
"capecId": "CAPEC-560",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-560 Use of Known Domain Credentials"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T23:24:21.753Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-04.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eUpdate C\u2022CURE 9000 to version 3.00.2 CU02 or 3.00.3\u003cbr\u003e\u003c/p\u003e\u003cp\u003eChange the password for the impacted windows accounts.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eDelete the api.log log file (or remove instances of passwords from the log file with a text editor) located at \"C:\\Program Files (x86)\\Tyco\\victorWebServices\\victorWebsite\\Logs\\archives\"\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update C\u2022CURE 9000 to version 3.00.2 CU02 or 3.00.3\n\n\nChange the password for the impacted windows accounts.\n\n\nDelete the api.log log file (or remove instances of passwords from the log file with a text editor) located at \"C:\\Program Files (x86)\\Tyco\\victorWebServices\\victorWebsite\\Logs\\archives\""
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CCURE passwords exposed to administrators",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-0912",
"datePublished": "2024-06-05T23:23:24.863Z",
"dateReserved": "2024-01-25T21:48:54.313Z",
"dateUpdated": "2024-08-01T18:18:18.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0242 (GCVE-0-2024-0242)
Vulnerability from cvelistv5 – Published: 2024-02-08 19:34 – Updated: 2024-08-01 17:41
VLAI?
Title
Unauthorized access to settings in Qolsys IQ Panel 4 and IQ4 Hub
Summary
Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings.
Severity ?
7.3 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Qolsys, Inc. | IQ Panel 4 |
Affected:
0 , < 4.4.2
(custom)
|
|||||||
|
|||||||||
Credits
Cody Jung
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0242",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-09T16:33:51.654700Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:20:47.918Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.073Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-039-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IQ Panel 4",
"vendor": "Qolsys, Inc.",
"versions": [
{
"lessThan": "4.4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IQ4 Hub",
"vendor": "Qolsys, Inc.",
"versions": [
{
"lessThan": "4.4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Cody Jung"
}
],
"datePublic": "2024-02-08T19:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings."
}
],
"value": "Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings."
}
],
"impacts": [
{
"capecId": "CAPEC-212",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-212 Functionality Misuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-08T19:34:14.895Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-039-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade IQ Panel 4 to version 4.4.2.\u003cbr\u003e"
}
],
"value": "Upgrade IQ Panel 4 to version 4.4.2.\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade IQ4 Hub to version 4.4.2.\u003cbr\u003e"
}
],
"value": "Upgrade IQ4 Hub to version 4.4.2.\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The firmware can be updated remotely to all available devices in the field.\u003cbr\u003e"
}
],
"value": "The firmware can be updated remotely to all available devices in the field.\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The firmware update can also be manually loaded by applying the patch tag \u201ciqpanel4.4.2\u201d on the device after navigating to its firmware update page.\u003cbr\u003e"
}
],
"value": "The firmware update can also be manually loaded by applying the patch tag \u201ciqpanel4.4.2\u201d on the device after navigating to its firmware update page.\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized access to settings in Qolsys IQ Panel 4 and IQ4 Hub",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-0242",
"datePublished": "2024-02-08T19:34:14.895Z",
"dateReserved": "2024-01-04T19:27:40.165Z",
"dateUpdated": "2024-08-01T17:41:16.073Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0248 (GCVE-0-2023-0248)
Vulnerability from cvelistv5 – Published: 2023-12-14 20:57 – Updated: 2024-10-08 14:19
VLAI?
Title
Kantech Gen1 ioSmart card reader
Summary
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader.
Severity ?
7.5 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sensormatic Electronics, a subsidiary of Johnson Controls, Inc. | ioSmart Gen1 |
Affected:
0 , < 1.07.02
(custom)
|
Credits
Colin O’Flynn at NewAE Technology Inc.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:02:44.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-02"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-13T21:03:38.527676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T14:19:18.925Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ioSmart Gen1",
"vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.",
"versions": [
{
"lessThan": "1.07.02",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Colin O\u2019Flynn at NewAE Technology Inc."
}
],
"datePublic": "2023-12-14T20:34:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader\u0027s communication memory between the card and reader.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader\u0027s communication memory between the card and reader.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-54",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-54 Query System for Information"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-15T21:16:03.463Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update ioSmart Gen1 card reader to firmware version 1.07.02 or higher.\u003cbr\u003eDownload the update here:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.kantech.com/Resources/GetDoc.aspx?p=1\u0026amp;id=58679\"\u003ehttps://www.kantech.com/Resources/GetDoc.aspx?p=1\u0026amp;id=58679\u003c/a\u003e\u003cbr\u003eContact technical support for additional information.\u003cbr\u003e\u003cbr\u003eioSmart Gen2 readers are not affected by this behavior.\u003cbr\u003eContact your local sales representative for ordering information.\u003cbr\u003e"
}
],
"value": "Update ioSmart Gen1 card reader to firmware version 1.07.02 or higher.\nDownload the update here:\u00a0 https://www.kantech.com/Resources/GetDoc.aspx?p=1\u0026id=58679 https://www.kantech.com/Resources/GetDoc.aspx \nContact technical support for additional information.\n\nioSmart Gen2 readers are not affected by this behavior.\nContact your local sales representative for ordering information.\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Kantech Gen1 ioSmart card reader",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2023-0248",
"datePublished": "2023-12-14T20:57:33.625Z",
"dateReserved": "2023-01-12T15:26:20.842Z",
"dateUpdated": "2024-10-08T14:19:18.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4486 (GCVE-0-2023-4486)
Vulnerability from cvelistv5 – Published: 2023-12-07 19:55 – Updated: 2025-05-28 13:52
VLAI?
Title
Uncontrolled Resource Consumption in Metasys and Facility Explorer
Summary
Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to
versions 11.0.6 and 12.0.4
and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Johnson Controls | Metasys NAE55/SNE/SNC |
Affected:
12.0 , < 12.0.4
(custom)
Affected: 11.0 , < 11.0.6 (custom) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-341-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4486",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-23T05:01:05.723101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T13:52:00.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Metasys NAE55/SNE/SNC",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "12.0.4",
"status": "affected",
"version": "12.0",
"versionType": "custom"
},
{
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Facility Explorer F4-SNC",
"vendor": "Johnson Controls",
"versions": [
{
"lessThan": "12.0.4",
"status": "affected",
"version": "12.0",
"versionType": "custom"
},
{
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-12-07T19:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to \n\nversions 11.0.6 and 12.0.4\n\n and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to \n\nversions 11.0.6 and 12.0.4\n\n and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T16:57:41.349Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-341-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Metasys NAE55, SNE, and SNC engines to version 12.0.4.\u003cbr\u003e"
}
],
"value": "Update Metasys NAE55, SNE, and SNC engines to version 12.0.4.\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Metasys NAE55, SNE, and SNC engines to version 11.0.6.\n\n\u003cbr\u003e"
}
],
"value": "Update Metasys NAE55, SNE, and SNC engines to version 11.0.6.\n\n\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Facility Explorer F4-SNC engine to version 12.0.4.\u003cbr\u003e"
}
],
"value": "Update Facility Explorer F4-SNC engine to version 12.0.4.\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Facility Explorer F4-SNC engine to version 11.0.6. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\nUpdate Facility Explorer F4-SNC engine to version 11.0.6. \u00a0\n\n\n\n\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nFor more information, contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS).\n\n\u003cbr\u003e"
}
],
"value": "\nFor more information, contact your local Johnson Controls office or Authorized Building Control Specialists (ABCS).\n\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Uncontrolled Resource Consumption in Metasys and Facility Explorer",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2023-4486",
"datePublished": "2023-12-07T19:55:39.265Z",
"dateReserved": "2023-08-22T19:40:01.192Z",
"dateUpdated": "2025-05-28T13:52:00.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}