CNNVD-202511-2982 Information

Nov 27, 2025 cve

CNNVD ID

CNNVD-202511-2982

CVE-2024-5539

CNNVD Published: 2025-11-27

Description (Chinese)

Automated Logic WebCtrl是美国Automated Logic公司的一个基于 Web 的楼宇自动化系统的服务器。Carrier i-Vu是美国Carrier公司的一个楼宇管理系统平台。 Automated Logic WebCtrl和Carrier i-Vu 8.5及之前版本存在安全漏洞，该漏洞源于访问控制绕过，可能导致敏感信息泄露。

Description (English)

Automated Logic WebCtrl is the server for a Web-based building automation system of the American company Automated Logic. Carrier i-Vu is a building management system platform of the United States company Carrier. There is a security loophole in Automated Logic WebCtrl and Carrier i-Vu 8.5 and earlier versions, which stems from access controls bypassing and may lead to the disclosure of sensitive information.

Hazard Level

High

Vulnerability Type

其他

Published

2025-11-27

Last Modified

2026-02-24

References

https://www.corporate.carrier.com/product-security/advisories-resources/

Patch

https://www.corporate.carrier.com/product-security/advisories-resources/

Share on: