
ICS: Multiple Johnson Controls Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-32864 CVSS:6.4

Johnson Controls exacqVision Web Service could allow a remote authenticated attacker to obtain sensitive information, caused by the failure to enforce secure web communications (HTTPS). By sniffing the network traffic, an attacker could exploit this vulnerability to obtain user credentials and use this information to launch further attacks against the affected system.

CVE-2024-32931 CVSS:5.7

Johnson Controls exacqVision Web Service could allow a remote attacker to obtain sensitive information, caused by the use of the GET request method with sensitive query strings. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain authentication token information and use this information to launch further attacks against the affected system.

CVE-2024-32865 CVSS:6.4

Johnson Controls exacqVision Server is vulnerable to a man-in-the-middle attack, caused by improper validation of TLS certificates provided by connected devices. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system.

CVE-2024-32862 CVSS:6.8

Johnson Controls exacqVision Web Service could provide weaker than expected security, caused by insufficient protection from untrusted domains. A remote attacker could exploit this vulnerability to launch further attacks on the system.

CVE-2024-32863 CVSS:6.8

Johnson Controls exacqVision Web Service is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform state-changing operations with administrative privileges. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
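As an added illustration (not part of the Rewterz advisory or of Johnson Controls' product), the following audit runs over constructed web-service requests and flags the three request-level weakness classes listed above: credentials over cleartext HTTP, secrets in GET query strings, and cross-origin state changes without CSRF protection. The host name, paths, parameter names and header names are assumptions chosen for the example.

```python
"""Added example (not from the Rewterz advisory or Johnson Controls): audit
constructed access-log style requests for three weakness classes the advisory
lists: credentials over plain HTTP (CVE-2024-32864), sensitive values in GET
query strings (CVE-2024-32931) and cross-origin state-changing requests without
CSRF protection (CVE-2024-32863). Host, paths and parameter names are assumed."""
from urllib.parse import urlsplit, parse_qs

# Query-string keys treated as sensitive (assumed names, not the product's).
SENSITIVE_KEYS = {"token", "session", "sessionid", "password", "auth"}
STATE_CHANGING = {"POST", "PUT", "DELETE", "PATCH"}

def audit_request(method, url, headers):
    """Return weakness labels for one request; an empty list means clean."""
    h = {k.lower(): v for k, v in headers.items()}
    parts = urlsplit(url)
    findings = []
    # CVE-2024-32864 class: credentials carried over cleartext HTTP.
    if parts.scheme == "http" and ("authorization" in h or "cookie" in h):
        findings.append("cleartext-credentials")
    # CVE-2024-32931 class: secrets in a GET query string (proxy logs, history).
    if method == "GET":
        keys = {k.lower() for k in parse_qs(parts.query)}
        if keys & SENSITIVE_KEYS:
            findings.append("sensitive-query-string")
    # CVE-2024-32863 class: cookie-authenticated state change from another origin.
    if method in STATE_CHANGING and "cookie" in h:
        origin = h.get("origin")
        if (origin and urlsplit(origin).netloc != parts.netloc
                and "x-csrf-token" not in h):
            findings.append("cross-origin-state-change")
    return findings

# Constructed sample traffic; the host and paths are hypothetical.
SAMPLE_REQUESTS = [
    ("GET", "http://vms.example.internal/login", {"Authorization": "Basic dXNlcjpwYXNz"}),
    ("GET", "https://vms.example.internal/api?token=abc123", {}),
    ("POST", "https://vms.example.internal/users",
     {"Cookie": "sid=1", "Origin": "https://attacker.example"}),
    ("POST", "https://vms.example.internal/users",
     {"Cookie": "sid=1", "Origin": "https://vms.example.internal"}),
]

def audit_all(requests):
    """Return (method, url, findings) for every request that is not clean."""
    return [(m, u, f) for m, u, hd in requests if (f := audit_request(m, u, hd))]

if __name__ == "__main__":
    for method, url, findings in audit_all(SAMPLE_REQUESTS):
        print(method, url, ", ".join(findings))
```

Only the fourth sample request (same-origin POST) passes clean; the other three each trigger exactly one finding.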

Impact

  • Information Disclosure
  • Cross-site Scripting

Indicators of Compromise

CVE

  • CVE-2024-32864
  • CVE-2024-32931
  • CVE-2024-32865
  • CVE-2024-32862
  • CVE-2024-32863

Affected Vendors

Johnson Controls

Affected Products

  • Johnson Controls exacqVision Web Service 21.03
  • Johnson Controls exacqVision Server

Remediation

Refer to Johnson Controls Product Security Advisory for patch, upgrade or suggested workaround information.

  • CVE-2024-32864
  • CVE-2024-32931
  • CVE-2024-32865
  • CVE-2024-32862
  • CVE-2024-32863