Johnsoncontrols Security Vulnerabilities (CVEs)
Track 17 security vulnerabilities affecting Johnsoncontrols products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
CVE-2024-32758 is a cryptographic weakness in exacqVision video management systems where client-server communication uses insufficient key length duri...
Aug 1, 2024CVE-2024-32865 is a TLS certificate validation vulnerability in exacqVision Server that allows man-in-the-middle attacks when connecting to devices. A...
Aug 1, 2024CVE-2024-32864 is a security misconfiguration vulnerability in exacqVision Web Services where HTTPS enforcement fails under certain circumstances, all...
Aug 1, 2024This vulnerability causes Microsoft IIS servers hosting C•CURE 9000 Web Server to log Windows credential details in log files under certain circumst...
Jun 6, 2024CVE-2024-0242 is an information exposure vulnerability in Johnson Controls IQ Panel4 and IQ4 Hub security panel software that could allow unauthorized...
Feb 8, 2024Unauthorized users can access debug features in Quantum HD Unity products that were accidentally exposed. This affects all Quantum HD Unity products w...
Nov 10, 2023This vulnerability allows unauthorized users to gain account access to IQ Wifi 6 devices by conducting brute force authentication attacks. Attackers c...
Jul 25, 2023This vulnerability allows unauthorized users to bypass authentication in OpenBlue Enterprise Manager Data Collector under certain circumstances. It af...
May 18, 2023This vulnerability in Johnson Controls System Configuration Tool (SCT) exposes sensitive cookies to client-side scripts because they lack the 'HttpOnl...
Feb 9, 2023This cross-site scripting (XSS) vulnerability in Johnson Controls Metasys building automation systems allows attackers to inject malicious scripts int...
Jun 15, 2022This vulnerability in Johnson Controls Metasys building automation systems allows attackers to change passwords without verification. It affects Metas...
Jun 15, 2022This vulnerability in Metasys building automation servers allows authenticated users to lock out other users or take over their accounts. It affects M...
May 6, 2022CVE-2021-36207 is a privilege escalation vulnerability in Johnson Controls Metasys ADS/ADX/OAS servers that allows authenticated users to elevate thei...
Apr 29, 2022CVE-2021-36205 is an authentication bypass vulnerability in Johnson Controls Metasys products where session tokens are not properly cleared on logout....
Apr 15, 2022CVE-2021-36198 is an information disclosure vulnerability in Johnson Controls Metasys products that allows unauthorized users to access sensitive data...
Dec 6, 2021CVE-2021-27664 is a critical vulnerability in exacqVision Server where unauthenticated remote attackers can access stored credentials under certain co...
Oct 11, 2021This vulnerability allows authenticated users of Johnson Controls Facility Explorer SNC Series Supervisory Controllers to gain unintended file system ...
Jul 1, 2021Why Monitor Johnsoncontrols Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 17+ known vulnerabilities affecting Johnsoncontrols products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Johnsoncontrols packages in under 60 seconds. No agents required - completely agentless scanning that works across Johnsoncontrols deployments.
Free vulnerability database: Access detailed information about every Johnsoncontrols CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Johnsoncontrols CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
