Johnson Controls exacqVision Server Flaw: High-Risk Vulnerability Could Enable Man-in-the-Middle Attacks

Attention, exacqVision Server users! There’s a vulnerability (CVE-2024-32865) that could let hackers play man-in-the-middle. Update to version 24.06 and keep the cyber villains at bay. Stay safe and keep those certificates in check!

3P
Published: August 1, 2024 3:05 pmAdded: August 1, 2024 at 8:26 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew that “exacqVision” was actually short for “exactly why you need better TLS certificates”? Johnson Controls, your servers just got a CVE, and it’s not the kind of award you want to frame on the wall.

Key Points:

  • CVSS v3.1 base score of 6.4 highlighting a moderate severity
  • Vulnerability: Improper Certificate Validation
  • Affected Product: exacqVision Server versions 24.03 and prior
  • Risk: Potential for man-in-the-middle attacks
  • Mitigation: Upgrade to version 24.06

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?