Vulnerabilities > Johnsoncontrols > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-26 | CVE-2020-9046 | Improper Privilege Management vulnerability in Johnsoncontrols Kantech Entrapass 8.22 A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files. | 7.2 |
| 2012-07-16 | CVE-2012-2607 | OS Command Injection vulnerability in Johnsoncontrols Network Controller and Network Controller Firmware The Johnson Controls CK721-A controller with firmware before SSM4388_03.1.0.14_BB allows remote attackers to perform arbitrary actions via crafted packets to TCP port 41014 (aka the download port). | 7.5 |