ICSA-24-191-04
·
Published 2024-07-09
·
View on CISA ICS-CERT ↗
Johnson Controls Inc. Software House C●CURE 9000
CVSS 8.8
HIGH
Risk Summary
Successful exploitations of this vulnerability could allow an attacker to gain administrative access
CVEs (1)
Remediations
- Johnson Controls Inc. recommends the following:
- Update Software House C●CURE 9000 to at least version 2.90
- For more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2024-12 v1 at the following location: https://www.johnsoncontrols.com/cyber-solutions/security-advisories
- Aligning with CISA recommendations, Johnson Controls recommends taking steps to minimize risks to all building automation systems.
Affected Vendors
Johnson Controls Inc.
Affected Products (1)
Johnson Controls Inc.
·
Software House C●CURE 9000
<=2.80
Affected Sectors
Critical Manufacturing, Commercial Facilities, Government Facilities, Transportation Systems, Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more