CNNVD-202512-3986 Information
CNNVD ID
CNNVD-202512-3986
Related CVE
- CNNVD Published: 2025-12-22
Description (Chinese)
Johnson Controls IQ series和Johnson Controls PowerG都是美国江森自控(Johnson Controls)公司的产品。Johnson Controls IQ series是一系列智能安防与自动化控制平台。Johnson Controls PowerG是一个通讯设备。 Johnson Controls IQ series和Johnson Controls PowerG存在安全漏洞,该漏洞源于特定情况下攻击者可捕获网络密钥或读写加密数据包。
Description (English)
Johnson Controls IQ Sierras and Johnson Controls PowerG are products of Johnson Controls in the United States. Johnson Controls IQ servers are a series of smart security and automated control platforms. Johnson Controls PowerG is a communications device. There is a security loophole between Johnson Controls IQ series and Johnson Controls PowerG, which stems from the fact that under certain circumstances the assailant can capture a web key or read-written encrypted data package.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
江森自控
Published
2025-12-22
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-350-02 https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories
Patch
https://tyco.widen.net/s/fpznlvnwrh/jci-psa-2025-01
Share on: