June 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
LockBit Ransomware – Active IOCs
July 4, 2024
CVE-2024-39884 – Apache HTTP Server Vulnerability
July 4, 2024
LockBit Ransomware – Active IOCs
July 4, 2024
CVE-2024-39884 – Apache HTTP Server Vulnerability
July 4, 2024
Severity
Low
Analysis Summary
CVE-2024-32754
Johnson Controls Kantech Door Controllers could allow a remote attacker to obtain sensitive information, caused by broadcasting its MAC address, serial number, and firmware version in factory reset mode while waiting for initial setup. A remote attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-32754
Affected Vendors
Johnson Controls
Affected Products
- Johnson Controls Kantech KT1
- Johnson Controls Kantech KT2
- Johnson Controls Kantech KT400
Remediation
Refer to Johnson Controls Security Advisory for patch, upgrade, or suggested workaround information.