[Control systems] Johnson Controls security advisory (AV23-744)

Serial number: AV23-744
Date: December 7, 2023

On December 7, 2023, CISA published an ICS advisory to address a vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in the following products:

  • Facility Explorer F4-SNC – versions prior to 11.0.6
  • Facility Explorer F4-SNC – versions prior to 12.0.4
  • Metasys NAE55 engines – versions prior to 12.0.4
  • Metasys SNC engines – versions prior to 12.0.4
  • Metasys SNE engines – versions prior to 12.0.4

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.

Date modified: