Shodan
Vulnerabilities
Vulnerable Software
Johnsoncontrols:  Security Vulnerabilities
CVE-2021-36199
Running a vulnerability scanner against VideoEdge NVRs can cause some functionality to stop.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-01-14
CVE-2021-36198
Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data.
CVSS Score
8.3
EPSS Score
0.002
Published
2021-12-06
CVE-2021-27664
Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-10-11
CVE-2021-27665
An unauthenticated remote user could exploit a potential integer overflow condition in the exacqVision Server with a specially crafted script and cause denial-of-service condition.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-10-11
CVE-2021-27662
The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and including 3.01
CVSS Score
8.6
EPSS Score
0.002
Published
2021-09-15
CVE-2021-27663
A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a remote attacker to access to the system without adequate authorization. This issue affects: Johnson Controls CEM Systems AC2000 10.1; 10.2; 10.3; 10.4; 10.5.
CVSS Score
8.2
EPSS Score
0.007
Published
2021-08-30
CVE-2021-27660
An insecure client auto update feature in C-CURE 9000 can allow remote execution of lower privileged Windows programs.
CVSS Score
8.8
EPSS Score
0.012
Published
2021-07-01
CVE-2021-27661
Successful exploitation of this vulnerability could give an authenticated Facility Explorer SNC Series Supervisory Controller (F4-SNC) user an unintended level of access to the controller’s file system, allowing them to access or modify system files by sending specifically crafted web messages to the F4-SNC.
CVSS Score
8.8
EPSS Score
0.002
Published
2021-07-01
CVE-2021-27658
exacqVision Enterprise Manager 20.12 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-06-24
CVE-2021-27659
exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other users.
CVSS Score
5.3
EPSS Score
0.003
Published
2021-06-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved