CNNVD-202512-3289 Information
CNNVD ID
CNNVD-202512-3289
Related CVE
- CNNVD Published: 2025-12-17
Description (Chinese)
Johnson Controls iSTAR series是美国江森自控(Johnson Controls)公司的一系列门禁控制器。 Johnson Controls iSTAR series存在安全漏洞,该漏洞源于证书过期后产品无法重新建立通信。以下产品受到影响:iSTAR eX、iSTAR Edge、iSTAR Ultra LT、iSTAR Ultra和iSTAR Ultra SE。
Description (English)
Johnson Controls iSTAR services are a series of door-ban controllers for Johnson Controls in the United States. There is a security loophole in Johnson Controls iSTAR services, which stems from the inability of products to re-establish communications after the expiry of the certificate. The following products were affected: iSTAR eX, iSTAR Edge, iSTAR Ultra LT, iSTAR Ultra and iSTAR Ultra SE.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
江森自控
Published
2025-12-17
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-338-04 https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories
Patch
https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories
Share on: