CVE-2025-43867 | Johnson Controls FX80/FX90 14.10.10/14.14.1 Device Configuration File vulnerable third-party component (icsa-25-219-02)

Inserito da Angelo Barbosa | Ago 7, 2025 | CVE

A vulnerability was found in Johnson Controls FX80 and FX90 14.10.10/14.14.1. It has been classified as problematic. Affected is an unknown function of the component Device Configuration File Handler. The manipulation leads to dependency on vulnerable third-party component.

This vulnerability is traded as CVE-2025-43867. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-43867 | Johnson Controls FX80/FX90 14.10.10/14.14.1 Device Configuration File vulnerable third-party component (icsa-25-219-02)

Post correlati

CVE-2024-45426 | Zoom Workplace App up to 6.0.x improper ownership management (ZSB-24038)

CVE-2017-15832 | Qualcomm Snapdragon Mobile MDM9206/MDM9607/SD 835/SD 845/SD 850 WLAN Host Driver input validation

CVE-2024-33557 | 8theme XStore Core Plugin up to 5.3.8 on WordPress path traversal

CVE-2024-34716 | PrestaShop up to 8.1.5 cross site scripting