High severityNVD Advisory· Published May 6, 2026· Updated May 6, 2026
CVE-2026-21661
CVE-2026-21661
Description
Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths.
This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
1News mentions
1- Johnson Controls CEM AC2000CISA ICS Advisories