johnson controls

Top products

The 15 most recently published vulnerabilities affecting johnson controls.

• CVE-2026-21660Johnson Controls-Frick Quantum HD-Hardcoded Email Credentials Saved as Plaintext in Firmware9.8Feb 27, 2026
• CVE-2026-21659Johnson Controls -Frick Quantum HD-Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion9.8Feb 27, 2026
• CVE-2026-21658Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution9.8Feb 27, 2026
• CVE-2026-21657Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution9.8Feb 27, 2026
• CVE-2026-21656Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution9.8Feb 27, 2026
• CVE-2026-21654Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution9.8Feb 27, 2026
• CVE-2025-26385Metasys product command injection vulnerability could allow remote SQL execution10.0Jan 30, 2026
• CVE-2025-26386Stack-based Buffer Overflow in Johnson Controls iSTAR Configuration Utility (ICU) tool7.1Jan 28, 2026
• CVE-2025-43876iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - get8021xSettings8.8Dec 24, 2025
• CVE-2025-43875iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - getOptionsInfo8.8Dec 24, 2025
• CVE-2025-61740Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG Origin Validation Error5.3Dec 22, 2025
• CVE-2025-26379Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG use of Cryptographically Weak Pseudo-Random Number Generator5.3Dec 22, 2025
• CVE-2025-61739Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG reusing a nonce, key pair in encryption5.3Dec 22, 2025
• CVE-2025-61738Johnson Controls PowerG and IQPanel cleartext transmission of sensitive information5.3Dec 22, 2025
• CVE-2025-26381OpenBlue Mobile Web Application configuration issue for optional for OpenBlue Workplace (formerly FM Systems)9.3Dec 17, 2025