Critical severity9.8NVD Advisory· Published Mar 10, 2020· Updated Jun 17, 2026
CVE-2019-7589
CVE-2019-7589
Description
A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate Edition versions 8.0 and prior; Kantech EntraPass Global Edition versions 8.0 and prior.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<=8.0+ 2 more
- (no CPE)range: <=8.0
- (no CPE)range: versions 8.0 and prior
- (no CPE)range: versions 8.0 and prior
Patches
Vulnerability mechanics
References
2- www.johnsoncontrols.com/cyber-solutions/security-advisoriesnvdVendor Advisory
- www.us-cert.gov/ics/advisories/icsa-20-070-04nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.