Unrated severityNVD Advisory· Published Jul 16, 2012· Updated Apr 29, 2026

CVE-2012-2607

Description

The Johnson Controls CK721-A controller with firmware before SSM4388_03.1.0.14_BB allows remote attackers to perform arbitrary actions via crafted packets to TCP port 41014 (aka the download port).

Affected products

Johnsoncontrols/Network Controller
cpe:2.3:h:johnsoncontrols:network_controller:ck721-a:*:*:*:*:*:*:*
Johnsoncontrols/Network Controller Firmware2 versions
cpe:2.3:o:johnsoncontrols:network_controller_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:johnsoncontrols:network_controller_firmware:*:*:*:*:*:*:*:*range: <=03.1.0.14
- cpe:2.3:o:johnsoncontrols:network_controller_firmware:03.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/977312nvdUS Government Resource
www.kb.cert.org/vuls/id/MORO-8UYN8Pnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000