Use of Unmaintained Third Party Components in KT-1 - #VU56219
Published: September 1, 2021
Vulnerability identifier: #VU56219
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-1104
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Johnson Controls
Affected software:
KT-1
KT-1
Detailed vulnerability description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected product relies on Microsoft Windows CE 6.0 that is no longer supported.
Remediation
Install updates from vendor's website.