OTWarden / Vendors / Johnson Controls

Johnson Controls ICS Security Advisories

10 CISA ICS-CERT advisories published for Johnson Controls industrial control system products. Data updated every 2 hours.

2
Critical
7
High
1
Medium
0
Low
Severity CVSS Advisory Products Published
HIGH 8.4 Universal Boot Loader (U-Boot) (Update A)
ICSA-25-343-01 · 1 CVE
Airwall AW-75
2026-03-05
CRITICAL 10.0 Johnson Controls Metasys Products
ICSA-26-027-04 · 1 CVE
Metasys Application and Data Server (ADS), Metasys Extended Application and Data Server (ADX), Metasys LCS8500 +3 more
2026-01-27
HIGH 8.8 Johnson Controls iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 (Update A)
ICSA-25-224-02 · 6 CVEs
iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2 +7 more
2025-12-16
HIGH 8.8 Johnson Controls iSTAR Ultra
ICSA-25-345-02 · 2 CVEs
iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra LT +3 more
2025-12-11
CRITICAL 10.0 Johnson Controls Metasys Vulnerabilities
ICSA-14-350-02 · 2 CVEs
Metasys, Application and Data Server (ADS), Extended Application and Data Server (ADX) +4 more
2025-06-06
MEDIUM 6.9 Johnson Controls Illustra Pro Gen 4
ICSA-24-191-03 · 1 CVE
Illustra Pro Gen 4 Camera
2024-07-09
HIGH 7.7 Johnson Controls Software House C●CURE 9000
ICSA-24-135-03 · 1 CVE
Software House C●CURE 9000
2024-05-14
HIGH 7.5 Johnson Controls Metasys and Facility Explorer (Update A)
ICSA-23-341-03 · 1 CVE
Metasys NAE55 engines, Metasys NAE55 engines, Metasys SNE engines +5 more
2023-12-19
HIGH 7.5 Johnson Controls System Configuration Tool (SCT)
ICSA-23-040-03 · 2 CVEs
System Configuration Tool (SCT) version 14, System Configuration Tool (SCT) version 15
2023-02-09
HIGH 7.8 Johnson Controls Metasys
ICSA-23-012-06 · 1 CVE
Metasys ADS/ADX/OAS Servers, Metasys ADS/ADX/OAS Servers
2023-01-12

Get Johnson Controls Vulnerability Alerts

Don't check manually — OTWarden emails you when CISA publishes new Johnson Controls ICS advisories, filtered to your specific equipment.

Start 14-Day Free Trial →