CVE-2024-32752

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller is susceptible to Machine-in-the-Middle attacks which could impact door control and configuration.

CVSS

No CVSS.

References

Link	Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-158-04
https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-06.pdf

Configurations

No configuration.

History

07 Jun 2024, 14:56

Type	Values Removed	Values Added
Summary		(es) En determinadas circunstancias, las comunicaciones entre la herramienta ICU y un controlador de puerta iSTAR Pro son susceptibles a ataques Machine-in-the-Middle que podrían afectar el control y la configuración de la puerta.

06 Jun 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-06 21:15

Updated : 2024-06-07 14:56

NVD link : CVE-2024-32752

Mitre link : CVE-2024-32752

CVE.ORG link : CVE-2024-32752

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

JSON object

Attach tags to CVE-2024-32752

Attach tags to `CVE-2024-32752`