CVE-2025-26379
CVE-2025-26379 concerns Johnson Controls PowerG products (IQ Panels2, 2+, IQHub, IQPanel 4). The issue is use of a cryptographically weak pseudo-random number generator, enabling an attacker to read or inject encrypted PowerG packets. Documents consistently cite the weak PRNG as the root cause an...