Use of Unmaintained Third Party Components in KT-1 - #VU56219

 

Use of Unmaintained Third Party Components in KT-1 - #VU56219

Published: September 1, 2021


Vulnerability identifier: #VU56219
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-1104
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Johnson Controls
Affected software:
KT-1

Detailed vulnerability description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected product relies on Microsoft Windows CE 6.0 that is no longer supported.


Remediation

Install updates from vendor's website.

Sources