Remote Code Execution Vulnerability in Johnson Controls CK721-A Controller

Remote Code Execution Vulnerability in Johnson Controls CK721-A Controller

CVE-2012-2607 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Johnson Controls CK721-A controller with firmware before SSM4388_03.1.0.14_BB allows remote attackers to perform arbitrary actions via crafted packets to TCP port 41014 (aka the download port).

Learn more about our Web Application Penetration Testing UK.