Vendor CVEs
Johnson Controls
All CVEs
57 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-2024 | Cri | 0.65 | 10.0 | 0.01 | May 18, 2023 | Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances. | ||
| CVE-2021-36206 | Cri | 0.65 | 10.0 | 0.00 | Oct 28, 2022 | All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries. | ||
| CVE-2020-9045 | Cri | 0.64 | 9.9 | 0.01 | May 21, 2020 | During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor Video Management System v5.2, the credentials of the user used to perform the installation or upgrade are logged in a file. The install log file persists after the installation. | ||
| CVE-2019-7589 | Cri | 0.64 | 9.8 | 0.02 | Mar 10, 2020 | A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate… | ||
| CVE-2025-26385 | Cri | 0.62 | — | 0.01 | Jan 30, 2026 | Johnson Controls Metasys component listed below have Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability . Successful exploitation of this vulnerability could allow remote SQL execution This issue affects * Metasys:… | ||
| CVE-2025-26382 | Cri | 0.61 | — | 0.00 | Apr 24, 2025 | Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer overflow issue | ||
| CVE-2024-32752 | Cri | 0.59 | 9.1 | 0.01 | Jun 6, 2024 | The iSTAR door controllers running firmware prior to version 6.6.B, does not support authenticated communications with ICU, which may allow an attacker to gain unauthorized access | ||
| CVE-2022-21937 | Hig | 0.57 | 8.7 | 0.01 | Jun 15, 2022 | Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface. | ||
| CVE-2021-36207 | Hig | 0.57 | 8.8 | 0.01 | Apr 29, 2022 | Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator. | ||
| CVE-2021-27660 | Hig | 0.57 | 8.8 | 0.02 | Jul 1, 2021 | An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs. | ||
| CVE-2021-27657 | Hig | 0.57 | 8.8 | 0.01 | Jun 4, 2021 | Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sending specifically crafted web messages to the Metasys system. This issue affects:… | ||
| CVE-2020-9046 | Hig | 0.57 | 8.8 | 0.00 | May 26, 2020 | A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files. | ||
| CVE-2021-27662 | Hig | 0.56 | 8.6 | 0.01 | Sep 15, 2021 | The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and including 3.01 | ||
| CVE-2021-36202 | Hig | 0.55 | 8.4 | 0.01 | Apr 7, 2022 | Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions… | ||
| CVE-2023-3548 | Hig | 0.54 | 8.3 | 0.00 | Jul 25, 2023 | An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack. | ||
| CVE-2023-0954 | Hig | 0.54 | 8.3 | 0.01 | Jun 8, 2023 | A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack. | ||
| CVE-2022-21936 | Hig | 0.53 | 8.1 | 0.00 | Oct 7, 2022 | On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI. | ||
| CVE-2022-21938 | Hig | 0.53 | 8.1 | 0.00 | Jun 15, 2022 | Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface. | ||
| CVE-2021-36205 | Hig | 0.53 | 8.1 | 0.01 | Apr 15, 2022 | Under certain circumstances the session token is not cleared on logout. | ||
| CVE-2021-27663 | Hig | 0.53 | 8.2 | 0.02 | Aug 30, 2021 | A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5. | ||
| CVE-2022-21934 | Hig | 0.52 | 8.0 | 0.01 | May 6, 2022 | Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2. | ||
| CVE-2024-32861 | Hig | 0.51 | 7.8 | 0.00 | Jul 16, 2024 | Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions. | ||
| CVE-2021-36204 | Hig | 0.51 | 7.8 | 0.00 | Jan 13, 2023 | Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text. | ||
| CVE-2024-32759 | Hig | 0.50 | — | 0.00 | Jul 10, 2024 | Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials. | ||
| CVE-2023-0248 | Hig | 0.49 | 7.5 | 0.00 | Dec 14, 2023 | An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader. | ||
| CVE-2023-4486 | Hig | 0.49 | 7.5 | 0.01 | Dec 7, 2023 | Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause… | ||
| CVE-2023-3127 | Hig | 0.49 | 7.5 | 0.00 | Jul 11, 2023 | An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights. | ||
| CVE-2022-21940 | Hig | 0.49 | 7.5 | 0.00 | Feb 9, 2023 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie. | ||
| CVE-2022-21939 | Hig | 0.49 | 7.5 | 0.01 | Feb 9, 2023 | Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie. | ||
| CVE-2022-21935 | Hig | 0.49 | 7.5 | 0.01 | Jun 15, 2022 | A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change. | ||
| CVE-2020-9050 | Hig | 0.49 | 7.5 | 0.02 | Feb 19, 2021 | Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system. | ||
| CVE-2020-9044 | Hig | 0.49 | 7.5 | 0.01 | Mar 10, 2020 | XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys… | ||
| CVE-2025-26386 | Hig | 0.46 | — | 0.00 | Jan 28, 2026 | Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior. Successful exploitation of this vulnerability could result in failure within the operating system of… | ||
| CVE-2020-9049 | Hig | 0.46 | 7.1 | 0.01 | Nov 19, 2020 | A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for… | ||
| CVE-2020-9048 | Hig | 0.46 | 7.1 | 0.01 | Oct 8, 2020 | A vulnerability in specified versions of American Dynamics victor Web Client and Software House CCURE Web Client could allow a remote unauthenticated attacker on the network to delete arbitrary files on the system or render the system unusable by conducting a Denial of Service… | ||
| CVE-2019-7594 | Med | 0.44 | 6.8 | 0.01 | Aug 20, 2019 | Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal (SMP). | ||
| CVE-2019-7593 | Med | 0.44 | 6.8 | 0.01 | Aug 20, 2019 | Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal (SMP). | ||
| CVE-2019-7588 | Med | 0.44 | 6.7 | 0.01 | Jun 18, 2019 | A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. This vulnerability impacts exacqVision ESM v5.12.2 and all prior versions of ESM running on a Windows operating system.… | ||
| CVE-2018-10624 | Med | 0.42 | 6.5 | 0.01 | Aug 1, 2018 | In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information. | ||
| CVE-2025-26383 | Med | 0.41 | — | 0.00 | Jun 11, 2025 | The iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the Windows PC that ICU is running on. | ||
| CVE-2021-36199 | Med | 0.35 | 5.3 | 0.01 | Jan 14, 2022 | Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop. | ||
| CVE-2021-36200 | Med | 0.34 | 5.3 | 0.01 | Jul 22, 2022 | Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users. | ||
| CVE-2023-2025 | Med | 0.33 | 5.0 | 0.01 | May 18, 2023 | OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances. | ||
| CVE-2021-36201 | Med | 0.28 | 4.3 | 0.01 | Oct 11, 2022 | Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions. | ||
| CVE-2021-27658 | Med | 0.28 | 4.3 | 0.01 | Jun 24, 2021 | exacqVision Enterprise Manager 20.12 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users. | ||
| CVE-2026-21660 | 0.00 | — | 0.00 | Feb 27, 2026 | Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise… | |||
| CVE-2026-21659 | 0.00 | — | 0.01 | Feb 27, 2026 | Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion (LFI) vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. … | |||
| CVE-2026-21658 | 0.00 | — | 0.01 | Feb 27, 2026 | Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which… | |||
| CVE-2026-21657 | 0.00 | — | 0.00 | Feb 27, 2026 | Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device… | |||
| CVE-2026-21656 | 0.00 | — | 0.00 | Feb 27, 2026 | Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device… |
- risk 0.65cvss 10.0epss 0.01
Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances.
- risk 0.65cvss 10.0epss 0.00
All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries.
- risk 0.64cvss 9.9epss 0.01
During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor Video Management System v5.2, the credentials of the user used to perform the installation or upgrade are logged in a file. The install log file persists after the installation.
- risk 0.64cvss 9.8epss 0.02
A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate…
- risk 0.62cvss —epss 0.01
Johnson Controls Metasys component listed below have Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability . Successful exploitation of this vulnerability could allow remote SQL execution This issue affects * Metasys:…
- risk 0.61cvss —epss 0.00
Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer overflow issue
- risk 0.59cvss 9.1epss 0.01
The iSTAR door controllers running firmware prior to version 6.6.B, does not support authenticated communications with ICU, which may allow an attacker to gain unauthorized access
- risk 0.57cvss 8.7epss 0.01
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the web interface.
- risk 0.57cvss 8.8epss 0.01
Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions 10 and 11 could allow an authenticated user to elevate their privileges to administrator.
- risk 0.57cvss 8.8epss 0.02
An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs.
- risk 0.57cvss 8.8epss 0.01
Successful exploitation of this vulnerability could give an authenticated Metasys user an unintended level of access to the server file system, allowing them to access or modify system files by sending specifically crafted web messages to the Metasys system. This issue affects:…
- risk 0.57cvss 8.8epss 0.00
A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files.
- risk 0.56cvss 8.6epss 0.01
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and including 3.01
- risk 0.55cvss 8.4epss 0.01
Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions…
- risk 0.54cvss 8.3epss 0.00
An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.
- risk 0.54cvss 8.3epss 0.01
A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.
- risk 0.53cvss 8.1epss 0.00
On Metasys ADX Server version 12.0 running MVE, an Active Directory user could execute validated actions without providing a valid password when using MVE SMP UI.
- risk 0.53cvss 8.1epss 0.00
Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.
- risk 0.53cvss 8.1epss 0.01
Under certain circumstances the session token is not cleared on logout.
- risk 0.53cvss 8.2epss 0.02
A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5.
- risk 0.52cvss 8.0epss 0.01
Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2.
- risk 0.51cvss 7.8epss 0.00
Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions.
- risk 0.51cvss 7.8epss 0.00
Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text.
- risk 0.50cvss —epss 0.00
Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials.
- risk 0.49cvss 7.5epss 0.00
An attacker with physical access to the Kantech Gen1 ioSmart card reader with firmware version prior to 1.07.02 in certain circumstances can recover the reader's communication memory between the card and reader.
- risk 0.49cvss 7.5epss 0.01
Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause…
- risk 0.49cvss 7.5epss 0.00
An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights.
- risk 0.49cvss 7.5epss 0.00
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie.
- risk 0.49cvss 7.5epss 0.01
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie.
- risk 0.49cvss 7.5epss 0.01
A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change.
- risk 0.49cvss 7.5epss 0.02
Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system.
- risk 0.49cvss 7.5epss 0.01
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys…
- risk 0.46cvss —epss 0.00
Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior. Successful exploitation of this vulnerability could result in failure within the operating system of…
- risk 0.46cvss 7.1epss 0.01
A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for…
- risk 0.46cvss 7.1epss 0.01
A vulnerability in specified versions of American Dynamics victor Web Client and Software House CCURE Web Client could allow a remote unauthenticated attacker on the network to delete arbitrary files on the system or render the system unusable by conducting a Denial of Service…
- risk 0.44cvss 6.8epss 0.01
Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal (SMP).
- risk 0.44cvss 6.8epss 0.01
Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal (SMP).
- risk 0.44cvss 6.7epss 0.01
A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. This vulnerability impacts exacqVision ESM v5.12.2 and all prior versions of ESM running on a Windows operating system.…
- risk 0.42cvss 6.5epss 0.01
In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information.
- risk 0.41cvss —epss 0.00
The iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the Windows PC that ICU is running on.
- risk 0.35cvss 5.3epss 0.01
Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop.
- risk 0.34cvss 5.3epss 0.01
Under certain circumstances an unauthenticated user could access the the web API for Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.2 and enumerate users.
- risk 0.33cvss 5.0epss 0.01
OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances.
- risk 0.28cvss 4.3epss 0.01
Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions.
- risk 0.28cvss 4.3epss 0.01
exacqVision Enterprise Manager 20.12 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
- CVE-2026-21660Feb 27, 2026risk 0.00cvss —epss 0.00
Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise…
- CVE-2026-21659Feb 27, 2026risk 0.00cvss —epss 0.01
Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion (LFI) vulnerability in Johnson Controls Frick Controls Quantum HD allow an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. …
- CVE-2026-21658Feb 27, 2026risk 0.00cvss —epss 0.01
Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which…
- CVE-2026-21657Feb 27, 2026risk 0.00cvss —epss 0.00
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device…
- CVE-2026-21656Feb 27, 2026risk 0.00cvss —epss 0.00
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device…
Page 1 of 2