ICSA-21-301-01
·
Published 2021-10-28
·
View on CISA ICS-CERT ↗
Sensormatic Electronics victor
CVSS 7.8
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow an unauthorized elevation of privileges.
CVEs (1)
Remediations
- Disable the SIP feature in: versions prior to 5.7.1
- Upgrade victor to: Version 5.7.1
- For more detailed mitigation and product upgrade instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2021-19 v1
- Further ICS security notices and product security guidance are located at the Johnson Controls product security website.
- Users with additional questions may contact Johnson Controls Global Product Security.
- Do not click web links or open unsolicited attachments in email messages.
- Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
- Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Affected Vendors
Sensormatic Electronics, LLC, Johnson Controls Inc.
Affected Products (1)
Sensormatic Electronics, LLC, Johnson Controls Inc.
·
victor
<= 5.7
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more