Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving the Site Management Portal (SMP).
References
Link | Resource |
---|---|
https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2019/jci-psa-2019-06-v1-metasys-icsa-19-227-01.pdf | Vendor Advisory |
https://www.us-cert.gov/ics/advisories/icsa-19-227-01 | Mitigation Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jci
Published: 2019-08-20T18:24:56
Updated: 2019-08-20T18:24:56
Reserved: 2019-02-07T00:00:00
Link: CVE-2019-7594
JSON object: View
NVD Information
Status : Modified
Published: 2019-08-20T19:15:17.307
Modified: 2020-02-10T21:53:55.163
Link: CVE-2019-7594
JSON object: View
Redhat Information
No data.