← Back to home
ICSA-24-179-04  ·  Published 2024-07-02  ·  View on CISA ICS-CERT ↗

Johnson Controls Illustra Essentials Gen 4 (Update A)

CVSS 9.1 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to inject commands.

CVEs (1)

Remediations

  • Johnson Controls recommends that users upgrade cameras to Illustra.Ess4.01.02.13.6953. For more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2024-09 v1
  • Johnson Controls recommends taking steps to minimize risks to all building automation systems. Further ICS security notices and product security guidance are located at the Johnson Controls product security website

Affected Vendors

Johnson Controls, Inc.

Affected Products (1)

Johnson Controls, Inc. · Illustra Essentials Gen 4 <=Illustra.Ess4.01.02.10.5982

Affected Sectors

Critical Manufacturing, Commercial Facilities, Government Facilities, Transportation Systems, Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more