PT-2026-22317 · Johnson Controls · Quantum Hd
Noam Moshe
·
Publicado
2026-02-27
·
Atualizado
2026-03-04
·
CVE-2026-21654
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Johnson Controls Frick Controls Quantum HD versions prior to 10.22
Description
A flaw exists in Johnson Controls Frick Controls Quantum HD that allows for OS Command Injection. Insufficient input validation in certain parameters can lead to unexpected actions before user authentication. This could compromise the security of the device.
Recommendations
Update to a version later than 10.22.
Correção
RCE
OS Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Quantum Hd