
Johnson Controls CEM AC2000

View CSAF: https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-125-05.json

Summary

Successful exploitation of this vulnerability could allow a standard user to escalate privileges on the host machine.

The following versions of Johnson Controls CEM AC2000 are affected:

- CEM AC2000 12.0 (CVE-2026-21661)
- CEM AC2000 11.0 (CVE-2026-21661)
- CEM AC2000 10.6 (CVE-2026-21661)

| CVSS | Vendor | Equipment | Vulnerabilities |
| --- | --- | --- | --- |
| v3 8.7 | Johnson Controls Inc. | Johnson Controls CEM AC2000 | Uncontrolled Search Path Element |

Background

- Critical Infrastructure Sectors: Critical Manufacturing, Commercial Facilities, Government Services and Facilities, Transportation Systems, Energy
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Ireland

Vulnerabilities

CVE-2026-21661

The affected product is vulnerable to DLL hijacking, which could allow an attacker to escalate standard user privileges on the host machine.

View CVE Details: https://www.cve.org/CVERecord?id=CVE-2026-21661

Affected Products

Johnson Controls CEM AC2000

- Vendor: Johnson Controls Inc.
- Product Version: Johnson Controls Inc. CEM AC2000: 12.0, Johnson Controls Inc. CEM AC2000: 11.0, Johnson Controls Inc. CEM AC2000: 10.6
- Product Status: known_affected

Remediations

Johnson Controls recommends users apply the following mitigations:

- Upgrade CEM AC 2000 12.0 to 12.0 Release 10.
- Upgrade CEM AC 2000 11.0 to 11.0 Release 9.
- Upgrade CEM AC 2000 10.6 to 10.6 Release 3.
- For more detailed mitigation instructions, please see Johnson Controls Product Security Advisory: https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories

Relevant CWE: https://cwe.mitre.org/data/definitions/427.html CWE-427 Uncontrolled Search Path Eleme


Originally published by CISA

Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-125-05
