CVE-2024-32752 Information

Description

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller is susceptible to Machine-in-the-Middle attacks which could impact door control and configuration.

Reference

https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-06.pdf https://www.cisa.gov/news-events/ics-advisories/icsa-24-158-04