CNNVD-202511-2980 Information

Nov 27, 2025 cve

CNNVD ID

CNNVD-202511-2980

CVE-2025-0657

CNNVD Published: 2025-11-27

Description (Chinese)

Automated Logic WebCtrl是美国Automated Logic公司的一个基于 Web 的楼宇自动化系统的服务器。Carrier i-Vu是美国Carrier公司的一个楼宇管理系统平台。 Automated Logic WebCtrl和Carrier i-Vu存在安全漏洞，该漏洞源于BACnet MS/TP网络可发送畸形分组，可能导致设备进入故障状态。

Description (English)

Automated Logic WebCtrl is the server for a Web-based building automation system of the American company Automated Logic. Carrier i-Vu is a building management system platform of the United States company Carrier. There is a security loophole in Automated Logic WebCtrl and Carrier i-Vu, which stems from the fact that the BACnet MS/TP network can send a deformity group, which may cause the equipment to fail.

Hazard Level

Medium

Vulnerability Type

其他

Published

2025-11-27

Last Modified

2026-02-24

References

https://www.corporate.carrier.com/product-security/advisories-resources/

Patch

https://www.corporate.carrier.com/product-security/advisories-resources/

Share on: