Lucene search
K

316 matches found

Vulnrichment
Vulnrichment
added 2025/12/22 2:21 p.m.4 views

CVE-2025-26379 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG use of Cryptographically Weak Pseudo-Random Number Generator

Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets...

7.2CVSS6.4AI score0.00167EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/22 2:21 p.m.34 views

CVE-2025-26379 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG use of Cryptographically Weak Pseudo-Random Number Generator

Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets...

7.2CVSS0.00167EPSS
Exploits0References2
CVE
CVE
added 2025/12/22 2:21 p.m.26 views

CVE-2025-26379

CVE-2025-26379 concerns Johnson Controls PowerG products (IQ Panels2, 2+, IQHub, IQPanel 4). The issue is use of a cryptographically weak pseudo-random number generator, enabling an attacker to read or inject encrypted PowerG packets. Documents consistently cite the weak PRNG as the root cause an...

7.2CVSS6.4AI score0.00167EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/22 10:19 a.m.5 views

CVE-2025-61739 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG reusing a nonce, key pair in encryption

Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets...

7.2CVSS6.5AI score0.00167EPSS
Exploits0References2
CVE
CVE
added 2025/12/22 10:19 a.m.30 views

CVE-2025-61739

CVE-2025-61739 concerns nonce reuse that enables a replay attack or decryption of captured packets. Documents identify the affected products as Johnson Controls IQ Panels2, IQ Panels2+, IQHub, IQPanel 4, and PowerG, with the issue rooted in nonce reuse and/or weak RNG affecting confidentiality an...

7.2CVSS6.5AI score0.00167EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/22 10:19 a.m.36 views

CVE-2025-61739 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG reusing a nonce, key pair in encryption

Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets...

7.2CVSS0.00167EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/22 10:7 a.m.27 views

CVE-2025-61738 Johnson Controls PowerG and IQPanel cleartext transmission of sensitive information

Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network...

2.3CVSS0.00166EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.10 views

Johnson Controls IQ series和Johnson Controls PowerG 安全漏洞

The Johnson Controls IQ series and Johnson Controls PowerG are both products of Johnson Controls, Inc.The Johnson Controls IQ series is a series of intelligent security and automation control platforms.The Johnson Johnson Controls PowerG is a communications device. A security vulnerability exists...

7.2CVSS6.5AI score0.00167EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.3 views

Johnson Controls IQ series和Johnson Controls PowerG 安全漏洞

The Johnson Controls IQ series and Johnson Controls PowerG are both products of Johnson Controls, Inc.The Johnson Controls IQ series is a series of intelligent security and automation control platforms.The Johnson Johnson Controls PowerG is a communications device. A security vulnerability exists...

2.3CVSS6.5AI score0.00166EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.4 views

Johnson Controls IQ series和Johnson Controls PowerG 安全漏洞

The Johnson Controls IQ series and Johnson Controls PowerG are both products of Johnson Controls, Inc.The Johnson Controls IQ series is a series of intelligent security and automation control platforms.The Johnson Johnson Controls PowerG is a communications device. A security vulnerability exists...

7.2CVSS6.8AI score0.00123EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.4 views

Johnson Controls iSTAR series 安全漏洞

The Johnson Controls iSTAR series is a line of access control devices from Johnson Controls USA. A security vulnerability exists in the Johnson Controls iSTAR series that originates from an attacker being able to modify the firmware, potentially resulting in full access to the device. The followi...

8.7CVSS6.5AI score0.00266EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.5 views

Johnson Controls OpenBlue Workplace 安全漏洞

Johnson Controls OpenBlue Workplace is a smart office space management platform from Johnson Controls USA. A security vulnerability exists in Johnson Controls OpenBlue Workplace. An attacker exploiting the vulnerability could gain access to sensitive information...

9CVSS6.5AI score0.00281EPSS
Exploits0References2
CISA
CISA
added 2025/12/16 12:0 p.m.10 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-350-01 Güralp Systems FMUS Fortimus Series and MIN Minimus Series ICSA-25-350-02 Johnson Controls PowerG,...

6.6AI score
Exploits0References6
ICS
ICS
added 2025/12/16 7:0 a.m.9 views

Johnson Controls PowerG, IQPanel and IQHub (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read or write encrypted traffic or perform a replay attack. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

5.8AI score
Exploits0References13
ICS
ICS
added 2025/12/16 7:0 a.m.50 views

Johnson Controls PowerG, IQPanel and IQHub (Update A)

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read or write encrypted traffic or perform a replay attack. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

7.2CVSS5.9AI score0.00167EPSS
Exploits0References13
CISA
CISA
added 2025/12/11 12:0 p.m.9 views

CISA Releases 12 Industrial Control Systems Advisories

CISA released 12 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-345-01 Johnson Controls iSTAR ICSA-25-345-02 Johnson Controls iSTAR Ultra ICSA-25-345-03 AzeoTech DAQFactor...

6.7AI score
Exploits0References12
ICS
ICS
added 2025/12/11 7:0 a.m.7 views

Johnson Controls iSTAR Ultra

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

7.2AI score
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.8 views

PT-2025-49245

Name of the Vulnerable Software and Affected Versions Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace versions 2025.1.2 and prior Description Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace versions 2025.1.2 and prior are susceptible to a Direct...

9CVSS6.8AI score0.00281EPSS
Exploits0References5
CISA
CISA
added 2025/12/04 12:0 p.m.7 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-338-01 Mitsubishi Electric GX Works2 ICSA-25-338-02 MAXHUB Pivot ICSA-25-338-03 Johnson Controls OpenBlue...

6.6AI score
Exploits0References9
ICS
ICS
added 2025/12/04 7:0 a.m.5 views

Johnson Controls iSTAR

RISK EVALUATION Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

7.1CVSS6.8AI score0.00091EPSS
Exploits0References13
Rows per page
Query Builder