Login Sign Up

CVE-2025-61736

N/A Unknown
Denial of Service

📋 TL;DR

This vulnerability affects systems that fail to re-establish communication after certificate expiration, potentially causing service disruption. It impacts Johnson Controls products that rely on certificate-based communication for operational continuity.

💻 Affected Systems

Products:
  • Johnson Controls products with certificate-based communication
Versions: Specific versions not detailed in provided references
Operating Systems: Embedded systems in Johnson Controls products
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems using certificate authentication for communication; exact product list requires checking vendor advisory

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Critical systems become completely non-operational when certificates expire, leading to loss of monitoring/control capabilities in industrial environments.

🟠

Likely Case

Service disruption requiring manual intervention to restore communication after certificate expiration.

🟢

If Mitigated

Minimal impact with proper certificate lifecycle management and monitoring in place.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation occurs naturally when certificates expire without proper renewal mechanisms

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific versions

Vendor Advisory: https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories

Restart Required: Yes

Instructions:

1. Check Johnson Controls advisory for affected products 2. Apply vendor-provided patches 3. Restart affected systems 4. Verify certificate renewal functionality

🔧 Temporary Workarounds

Certificate Lifecycle Management

all

Implement proactive certificate monitoring and renewal before expiration

Communication Redundancy

all

Configure alternative communication methods as backup

🧯 If You Can't Patch

  • Implement strict certificate expiration monitoring with alerts 30+ days before expiry
  • Establish manual certificate renewal procedures and test them regularly

🔍 How to Verify

Check if Vulnerable:

Check system logs for certificate expiration warnings and test certificate renewal process

Check Version:

Check product-specific version command per Johnson Controls documentation

Verify Fix Applied:

Verify system maintains communication after simulated certificate expiration test

📡 Detection & Monitoring

Log Indicators:

  • Certificate expiration warnings
  • Communication failure logs after certificate expiry

Network Indicators:

  • Sudden drop in expected communication traffic
  • Failed TLS handshakes

SIEM Query:

source="*johnson*" AND ("certificate expired" OR "SSL handshake failed")

📊 Metadata

CVE ID: CVE-2025-61736
CVSS v3 Score: N/A (Unknown)
CWE: CWE-298
EPSS Score: 0.01% exploit probability (1.8th percentile)
Published: December 17, 2025
Last Updated: December 18, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-61736, you might also want to check these:

CVE-2025-59036 5.5

This vulnerability allows deleted or expired API tokens to remain valid for authentication in Infrah...

Same vulnerability type (CWE-298)