An unauthorized user could gain account access to IQ Wifi 6 versions prior to 2.0.2 by conducting a brute force authentication attack.
9.8CVSS
9.4AI Score
0.001EPSS
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.
7.1CVSS
5.4AI Score
0.0004EPSS
Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service.
7.5CVSS
7.6AI Score
0.0005EPSS
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed.
10CVSS
9.3AI Score
0.001EPSS
Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings.
9.8CVSS
9.2AI Score
0.001EPSS