← Back to home
ICSA-22-242-11  ·  Published 2022-08-30  ·  View on CISA ICS-CERT ↗

Sensormatic Electronics iSTAR

CVSS 10.0 CRITICAL

Risk Summary

An unauthenticated user could use a malicious request to run arbitrary commands as root user.

CVEs (1)

Remediations

  • iSTAR Ultra: Version 6.8.9. CU01
  • For more detailed mitigation instructions, users should see Johnson Controls Product Security Advisory JCI-PSA-2022-13 v1

Affected Vendors

Sensormatic Electronics, LLC, Johnson Controls Inc.

Affected Products (1)

Sensormatic Electronics, LLC, Johnson Controls Inc. · iSTAR Ultra < 6.8.9 CU01

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more