A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could potentially download and run a malicious executable that could allow OS command injection on the system.
References
Link | Resource |
---|---|
https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Third Party Advisory |
https://www.us-cert.gov/ics/advisories/ICSA-20-170-01 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jci
Published: 2020-06-26T18:01:48
Updated: 2020-07-07T13:16:48
Reserved: 2020-02-18T00:00:00
Link: CVE-2020-9047
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-06-26T19:15:10.453
Modified: 2021-05-26T13:40:29.253
Link: CVE-2020-9047
JSON object: View
Redhat Information
No data.
CWE