One Advisory Published – 5-27-25

May 27, 2025

∙ Paid

Today CISA’s NCCIC-ICS published one control system security advisory for products from Johnson Controls.

Johnson Controls Advisory

This advisory describes a use of unitialized variable vulnerability in the Johnson Controls iSTAR Configuration Utility (ICU) tool. The vulnerability was reported by Reid Wightman of Dragos. Johnson Controls has a new version…

Keep reading with a 7-day free trial

Subscribe to CFSN Detailed Analysis to keep reading this post and get 7 days of free access to the full post archives.