CNNVD-202512-3978 Information
CNNVD ID
CNNVD-202512-3978
Related CVE
- CNNVD Published: 2025-12-22
Description (Chinese)
Johnson Controls IQ series和Johnson Controls PowerG都是美国江森自控(Johnson Controls)公司的产品。Johnson Controls IQ series是一系列智能安防与自动化控制平台。Johnson Controls PowerG是一个通讯设备。 Johnson Controls IQ series和Johnson Controls PowerG存在安全漏洞,该漏洞源于未验证数据包来源,可能导致拒绝服务或设备配置被修改。
Description (English)
Johnson Controls IQ Sierras and Johnson Controls PowerG are products of Johnson Controls in the United States. Johnson Controls IQ servers are a series of smart security and automated control platforms. Johnson Controls PowerG is a communications device. There is a security loophole between Johnson Controls IQ series and Johnson Controls PowerG, which originates from unverified data package sources and may lead to the denial of services or modification of equipment configurations.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
江森自控
Published
2025-12-22
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-350-02 https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories
Patch
https://tyco.widen.net/s/fpznlvnwrh/jci-psa-2025-01
Share on: