Refine your search
1 vulnerability found for by Johnson Control
CVE-2025-43873 (GCVE-0-2025-43873)
Vulnerability from cvelistv5
Published
2025-12-17 15:53
Modified
2025-12-17 16:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Johnson Control | iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 |
Version: 0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43873",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T16:42:09.310159Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T16:42:19.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2",
"vendor": "Johnson Control",
"versions": [
{
"lessThanOrEqual": "6.9.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Reid Wightman of Dragos reported these vulnerabilities to CISA."
}
],
"datePublic": "2025-12-12T15:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSuccessful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88: OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T15:53:04.477Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eUpgrade iSTAR Ultra, iSTAR Ultra SE, iStar Ultra LT to version 6.9.7.CU01 or greater.\u003c/li\u003e\u003cli\u003eUpgrade iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 to version 6.9.3 or greater.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "* Upgrade iSTAR Ultra, iSTAR Ultra SE, iStar Ultra LT to version 6.9.7.CU01 or greater.\n * Upgrade iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 to version 6.9.3 or greater."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - setFaultDebounce",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2025-43873",
"datePublished": "2025-12-17T15:53:04.477Z",
"dateReserved": "2025-04-17T20:07:25.122Z",
"dateUpdated": "2025-12-17T16:42:19.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}