The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and including 3.01
References
Link | Resource |
---|---|
https://us-cert.gov/ics/advisories | Third Party Advisory US Government Resource |
https://www.johnsoncontrols.com/cyber-solutions/security-advisories | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2021-09-15 13:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-27662
Mitre link : CVE-2021-27662
CVE.ORG link : CVE-2021-27662
JSON object : View
Products Affected
johnsoncontrols
- kantech_kt-1_door_controller
- kantech_kt-1_door_controller_firmware
CWE
CWE-294
Authentication Bypass by Capture-replay