June 30, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
CVE-2024-27877 – Apple macOS Ventura Zero-Day Vulnerability
August 2, 2024ICS: Rockwell Automation Vulnerability
August 3, 2024CVE-2024-27877 – Apple macOS Ventura Zero-Day Vulnerability
August 2, 2024ICS: Rockwell Automation Vulnerability
August 3, 2024
Severity
Medium
Analysis Summary
CVE-2024-32864 CVSS:6.4
Johnson Controls exacqVision Web Service could allow a remote authenticated attacker to obtain sensitive information, caused by not enforce secure web communications (HTTPS). By sniffing the network traffic, an attacker could exploit this vulnerability to obtain user credentials, and use this information to launch further attacks against the affected system.
CVE-2024-32931 CVSS:5.7
Johnson Controls exacqVision Web Service could allow a remote attacker to obtain sensitive information, caused by the use of GET request method with sensitive query strings. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain authentication token information, and use this information to launch further attacks against the affected system.
CVE-2024-32865 CVSS:6.4
Johnson Controls exacqVision Server is vulnerable to a man-in-the-middle attack, caused by not properly validate TLS certificates provided by connected devices.. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system.
CVE-2024-32862 CVSS:6.8
Johnson Controls exacqVision Web Service could provide weaker than expected security, caused by not provide sufficient protection from untrusted domains. A remote attacker could exploit this vulnerability to launch further attacks on the system.
CVE-2024-32863 CVSS:6.8
Johnson Controls exacqVision Web Service is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform state-changing operations with administrative privileges. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
Impact
- Information Disclosure
- Cross-site Scripting
Indicators of Compromise
CVE
- CVE-2024-32864
- CVE-2024-32931
- CVE-2024-32865
- CVE-2024-32862
- CVE-2024-32863
Affected Vendors
Johnson Controls
Affected Products
- Johnson Controls exacqVision Web Service 21.03
- Johnson Controls exacqVision Server
Remediation
Refer to Johnson Controls Product Security Advisory for patch, upgrade or suggested workaround information.