#VU56219 Use of Unmaintained Third Party Components in KT-1
Published: September 1, 2021
Vulnerability identifier: #VU56219
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-1104
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
KT-1
KT-1
Software vendor:
Johnson Controls
Johnson Controls
Description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected product relies on Microsoft Windows CE 6.0 that is no longer supported.
Remediation
Install updates from vendor's website.