Johnson Controls, Inc. Frick Controls Quantum HD
Summary
CISA has released an alert regarding multiple vulnerabilities in Johnson Controls, Inc. Frick Controls Quantum HD versions <=10.22. Successful exploitation of these vulnerabilities could lead to pre-authentication remote code execution, information leaks, or denial of service.
IFF Assessment
FOE
Multiple vulnerabilities in industrial control systems could allow attackers to gain control of devices.
Severity
9.1
Critical
Defender Context
ICS vulnerabilities are prime targets for attackers because successful exploits can have real-world physical consequences in critical infrastructure. Defenders should identify vulnerable systems and prioritize patching. Upgrading to the latest supported version of Quantum HD is recommended by the vendor.