3 matches found
CVE-2021-27660
An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs...
CVE-2021-27660
CVE-2021-27660 affects Johnson Controls C-CURE 9000. The vulnerability arises from an insecure client auto-update feature (improper input validation CWE-20) that can enable remote execution of lower-privileged Windows programs. Impact is high (C/H/I/H/A/H) with network vector and low attack compl...
Sensormatic Electronics C-CURE 9000 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Equipment: C-CURE 9000 Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...