CVE-2022-21941 Information

Description

All versions of iSTAR Ultra prior to version 6.8.9.CU01are vulnerable to a command injection that could allow an unauthenticated user root access to the system.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-11 https://www.johnsoncontrols.com/cyber-solutions/security-advisories