July 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
400,000 Linux Servers Compromised by Ebury Botnet Malware in Last 14 Years – Active IOCs
May 17, 2024
North Korea-Linked Konni APT Group – Active IOCs
May 17, 2024
400,000 Linux Servers Compromised by Ebury Botnet Malware in Last 14 Years – Active IOCs
May 17, 2024
North Korea-Linked Konni APT Group – Active IOCs
May 17, 2024
Severity
High
Analysis Summary
CVE-2024-0912
Johnson Controls Software House C CURE 9000 could allow a local authenticated attacker to obtain sensitive information, caused by the log of Microsoft Windows credential details in the log files by the he Microsoft Internet Information Server (IIS). By gaining access to the log files, an attacker could exploit this vulnerability to obtain credential information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-0912
Affected Vendors
Johnson Controls
Affected Products
- Johnson Controls Software House C CURE 9000 3.00.2
Remediation
Refer to Johnson Controls Product Security Advisory for patch, upgrade or suggested workaround information.