Main Vulnerability Database Vulnerabilities #VU56219

Use of Unmaintained Third Party Components in KT-1 - #VU56219

Published: September 1, 2021

Vulnerability identifier: #VU56219

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: N/A

CWE-ID: CWE-1104

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
KT-1

Software vendor:
Johnson Controls

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected product relies on Microsoft Windows CE 6.0 that is no longer supported.

Install updates from vendor's website.