ICSA-20-324-02 · Published 2022-09-19 · View on CISA ICS-CERT ↗

Paradox IP150 (Update A)

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code, which may result in the termination of the physical security system.

CVEs (2)

CVE-2020-25189 CVE-2020-25185

Remediations

Contact Paradox support for mitigation details via email at [email protected]

Affected Vendors

Paradox

Affected Products (2)

Paradox · Paradox IP150 5.02.09

Paradox · Paradox IP150 vers:all/*

Affected Sectors

Multiple Sectors

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more