Filtered by vendor Johnsoncontrols
Subscriptions
Total
73 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-61739 | 1 Johnsoncontrols | 5 Iq Panels2, Iq Panels2+, Iqhub and 2 more | 2025-12-23 | N/A |
| Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets. | ||||
| CVE-2025-61738 | 1 Johnsoncontrols | 5 Iq Panels2, Iq Panels2+, Iqhub and 2 more | 2025-12-23 | N/A |
| Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network. | ||||
| CVE-2025-26379 | 1 Johnsoncontrols | 5 Iq Panels2, Iq Panels2+, Iqhub and 2 more | 2025-12-23 | N/A |
| Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets. | ||||
| CVE-2025-61740 | 1 Johnsoncontrols | 5 Iq Panels2, Iq Panels2+, Iqhub and 2 more | 2025-12-23 | N/A |
| Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device. | ||||
| CVE-2025-26381 | 1 Johnsoncontrols | 1 Openblue Workplace | 2025-12-18 | N/A |
| Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information. | ||||
| CVE-2025-43873 | 1 Johnsoncontrols | 6 Edge G2, Istar Edge G2, Istar Ultra and 3 more | 2025-12-18 | N/A |
| Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device. | ||||
| CVE-2025-61736 | 1 Johnsoncontrols | 5 Istar Edge, Istar Ultra, Istar Ultra Lt and 2 more | 2025-12-18 | N/A |
| Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires. | ||||
| CVE-2023-4804 | 1 Johnsoncontrols | 12 Quantum Hd Unity Acuair, Quantum Hd Unity Acuair Firmware, Quantum Hd Unity Compressor and 9 more | 2025-12-16 | 10 Critical |
| An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed. | ||||
| CVE-2025-53695 | 1 Johnsoncontrols | 1 Istar Ultra | 2025-08-19 | N/A |
| OS Command Injection in iSTAR Ultra products web application allows an authenticated attacker to gain even more privileged access ('root' user) to the device firmware. | ||||
| CVE-2025-53696 | 1 Johnsoncontrols | 1 Istar Ultra | 2025-08-19 | N/A |
| iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These firmware parts may contain malicious code. Tested up to firmware 6.9.2, later firmwares are also possibly affected. | ||||
| CVE-2024-32861 | 1 Johnsoncontrols | 1 Software House C-cure 9000 | 2025-07-21 | 7.8 High |
| Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions. | ||||
| CVE-2023-4486 | 1 Johnsoncontrols | 20 F4-snc, F4-snc Firmware, Nae55 and 17 more | 2025-05-28 | 7.5 High |
| Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service. | ||||
| CVE-2021-36201 | 1 Johnsoncontrols | 2 C-cure 9000, C-cure 9000 Firmware | 2025-05-15 | 4.3 Medium |
| Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions. | ||||
| CVE-2021-36206 | 1 Johnsoncontrols | 1 Cevas | 2025-05-05 | 10 Critical |
| All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries. | ||||
| CVE-2024-32752 | 1 Johnsoncontrols | 2 Icu, Software House Istar Pro Door Controller | 2025-04-24 | 9.1 Critical |
| The iSTAR door controllers running firmware prior to version 6.6.B, does not support authenticated communications with ICU, which may allow an attacker to gain unauthorized access | ||||
| CVE-2014-5427 | 1 Johnsoncontrols | 12 Application And Data Server, Extended Application And Data Server, Lonworks Control Server Lcs8520 and 9 more | 2025-04-12 | N/A |
| Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integration Engine (NIE) 5xxx-x, and NxE8500, allows remote attackers to read password hashes via a POST request. | ||||
| CVE-2014-5428 | 1 Johnsoncontrols | 12 Application And Data Server, Extended Application And Data Server, Lonworks Control Server Lcs8520 and 9 more | 2025-04-12 | N/A |
| Unrestricted file upload vulnerability in unspecified web services in Johnson Controls Metasys 4.1 through 6.5, as used in Application and Data Server (ADS), Extended Application and Data Server (aka ADX), LonWorks Control Server 85 LCS8520, Network Automation Engine (NAE) 55xx-x, Network Integration Engine (NIE) 5xxx-x, and NxE8500, allows remote attackers to execute arbitrary code by uploading a shell script. | ||||
| CVE-2012-4026 | 1 Johnsoncontrols | 2 Pegasys P2000 Server, Pegasys P2000 Server Software | 2025-04-11 | N/A |
| The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerability than CVE-2012-2607. | ||||
| CVE-2012-2607 | 1 Johnsoncontrols | 2 Network Controller, Network Controller Firmware | 2025-04-11 | N/A |
| The Johnson Controls CK721-A controller with firmware before SSM4388_03.1.0.14_BB allows remote attackers to perform arbitrary actions via crafted packets to TCP port 41014 (aka the download port). | ||||
| CVE-2021-36204 | 1 Johnsoncontrols | 3 Metasys Application And Data Server, Metasys Extended Application And Data Server, Metasys Open Application Server | 2025-04-07 | 7.8 High |
| Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text. | ||||