ICSA-24-214-05
·
Published 2024-08-01
·
View on CISA ICS-CERT ↗
Johnson Controls exacqVision Server
CVSS 6.4
MEDIUM
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to perform a man-in-the-middle attack and intercept communications.
CVEs (1)
Remediations
- Johnson Controls recommends that user update exacqVision Client and exacqVision Server to version 24.06
- For more detailed mitigation instructions, please see Johnson Controls Product Security Advisory JCI-PSA-2024-18.
Affected Vendors
Johnson Controls, Inc.
Affected Products (1)
Johnson Controls, Inc.
·
exacqVision Server
<=24.03
Affected Sectors
Critical Manufacturing, Commercial Facilities, Government Facilities, Transportation Systems, Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more