← Back to home
ICSA-24-214-04  ·  Published 2024-08-01  ·  View on CISA ICS-CERT ↗

Johnson Controls exacqVision Web Service

CVSS 6.4 MEDIUM

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to perform a man-in-the-middle attack and gain access to sensitive information.

CVEs (1)

Remediations

  • Johnson Controls recommends that users update exacqVision Web Service to version 24.06.
  • For more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2024-17.

Affected Vendors

Johnson Controls, Inc.

Affected Products (1)

Johnson Controls, Inc. · exacqVision Web Service <=24.03

Affected Sectors

Critical Manufacturing, Commercial Facilities, Government Facilities, Transportation Systems, Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more