Known vulnerabilities in Johnson Controls iSTAR Configuration Utility (ICU)

Vendor: Johnson Controls

Website: https://www.johnsoncontrols.com/

Total Security Bulletins: 3

Security bulletins (3)

Secuity bulletin	Severity	Status	Published
SB2025052806: Information disclosure in Johnson Controls iSTAR Configuration Utility (ICU) Tool	Medium	Patched	28.05.2025
SB2025042507: Stack-based buffer overflow in Johnson Controls ICU	High	Patched	25.04.2025
SB2024060715: Missing Authentication for Critical Function in Johnson Controls Software House iStar Pro Door Controller and ICU	High	Not patched	07.06.2024