Johnson Controls Kantech Door Controllers

1. EXECUTIVE SUMMARY

  • CVSS v3 3.1
  • ATTENTION: Exploitable via adjacent network
  • Vendor: Johnson Controls, Inc.
  • Equipment: Kantech KT1, KT2, KT400 Door Controllers
  • Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive information.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following products by Kantech, a subsidiary of Johnson Controls, are affected:

  • Kantech KT1 Door Controller Rev01: Versions 2.09.01 and prior
  • Kantech KT2 Door Controller Rev01: Versions 2.09.01 and prior
  • Kantech KT400 Door Controller Rev01: Versions 3.01.16 and prior

3.2 Vulnerability Overview

3.2.1 EXPOSURE OF SENSITIVE INFORMATION TO AN UNAUTHORIZED ACTOR CWE-200

Under certain circumstances, when the controller is in factory reset mode waiting for initial setup, it will broadcast its MAC address, serial number, and firmware version. Once configured, the controller will no longer broadcast this information.

CVE-2024-32754 has been assigned to this vulnerability. A CVSS v3.1 base score of 3.1 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

3.3 BACKGROUND

  • CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
  • COUNTRIES/AREAS DEPLOYED: Worldwide
  • COMPANY HEADQUARTERS LOCATION: Ireland

3.4 RESEARCHER

National Computer Emergency Response Team (CERT) of India reported this vulnerability to Johnson Controls.

[…]

This article has been indexed from All CISA Advisories