Lucene search

Johnsoncontrols Security Vulnerabilities

cve

CVE-2023-3548

An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.

9.8CVSS

9.4AI Score

0.001EPSS

2023-07-25 02:15 PM

cve

CVE-2023-3749

A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.

7.1CVSS

5.4AI Score

0.0004EPSS

2023-08-03 08:15 PM

cve

CVE-2023-4486

Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.

7.5CVSS

7.6AI Score

0.0005EPSS

2023-12-07 08:15 PM

cve

CVE-2023-4804

An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed.

10CVSS

9.3AI Score

0.001EPSS

2023-11-10 11:15 PM

cve

CVE-2024-0242

Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings.

9.8CVSS

9.2AI Score

0.001EPSS

2024-02-08 08:15 PM

Total number of security vulnerabilities55