CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-2607

The Johnson Controls CK721-A controller with firmware before SSM4388_03.1.0.14_BB allows remote attackers to perform arbitrary actions via crafted packets to TCP port 41014 (aka the download port).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 77.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.kb.cert.org/vuls/id/977312
http://www.kb.cert.org/vuls/id/MORO-8UYN8P
http://www.kb.cert.org/vuls/id/977312
http://www.kb.cert.org/vuls/id/MORO-8UYN8P

Products affected by CVE-2012-2607

Johnsoncontrols » Network Controller » Version: ck721-a

cpe:2.3:h:johnsoncontrols:network_controller:ck721-a
Johnsoncontrols » Network Controller Firmware » Version: Any

cpe:2.3:o:johnsoncontrols:network_controller_firmware:*
Johnsoncontrols » Network Controller Firmware » Version: 03.0

cpe:2.3:o:johnsoncontrols:network_controller_firmware:03.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2607

Products

Pricing

Contact Us