Unrated severityNVD Advisory· Published Aug 20, 2019· Updated Aug 4, 2024
Metasys use of hardcoded RC2 key
CVE-2019-7594
Description
Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal (SMP).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <9.0
- Johnson Controls/Metasys versions prior to 9.0v5Range: 9.0
Patches
Vulnerability mechanics
References
2- www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2019/jci-psa-2019-06-v1-metasys-icsa-19-227-01.pdfmitrex_refsource_CONFIRM
- www.us-cert.gov/ics/advisories/icsa-19-227-01mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.