CNNVD-202512-3281 Information
CNNVD ID
CNNVD-202512-3281
Related CVE
- CNNVD Published: 2025-12-17
Description (Chinese)
Johnson Controls iSTAR series是美国江森自控(Johnson Controls)公司的一系列门禁控制器。 Johnson Controls iSTAR series存在安全漏洞,该漏洞源于攻击者可修改固件,可能导致完全访问设备。以下产品受到影响:iSTAR Ultra、iSTAR Ultra SE、iSTAR Ultra G2、iSTAR Ultra G2 SE、iSTAR Edge G2和iSTAR Ultra LT。
Description (English)
Johnson Controls iSTAR services are a series of door-ban controllers for Johnson Controls in the United States. There is a security loophole in Johnson Controls iSTARs, which stems from the fact that the attackers can modify the solids and may lead to full access to the equipment. The following products were affected: iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 and iSTAR Ultra LT.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
江森自控
Published
2025-12-17
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-345-02 https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories
Patch
https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories
Share on: