← Back to home
ICSA-21-280-01  ·  Published 2021-10-07  ·  View on CISA ICS-CERT ↗

Johnson Controls exacqVision Server Bundle

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an unauthenticated remote user to be given access to credentials stored in the exacqVision Server.

CVEs (1)

Remediations

  • Upgrade exacqVision Web Service to Version 21.09
  • For more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2021-16 v1

Affected Vendors

Exacq Technologies, Johnson Controls Inc.

Affected Products (1)

Exacq Technologies, Johnson Controls Inc. · exacqVision Web Service <= 21.06.11.0

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more