CVE-2019-7594
6.8MEDIUMMetasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal (SMP).
Published: 8/20/2019Updated: 11/21/2024
Description
Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal (SMP).
AI AnalysisPowered by AI
Affected Products
johnsoncontrolsmetasys_system
References
- https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2019/jci-psa-2019-06-v1-metasys-icsa-19-227-01.pdfVendor Advisory
- https://www.us-cert.gov/ics/advisories/icsa-19-227-01MitigationThird Party AdvisoryUS Government Resource
- https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2019/jci-psa-2019-06-v1-metasys-icsa-19-227-01.pdfVendor Advisory
- https://www.us-cert.gov/ics/advisories/icsa-19-227-01MitigationThird Party AdvisoryUS Government Resource