SecAlerts
CVE ListPricingSign Up
johnsoncontrols logo

johnsoncontrols

Security Risk Profile

86
/100
critical

Security Risk Score

Comprehensive risk assessment based on 68 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from July 16, 2012 to present

68
Total CVEs
57
Critical+High
0
Exploited
3
Unpatched

Threat Assessment

Avg CVSS
8.3
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
3
Critical/High
Risk Level
86/100
critical

Severity Distribution

Critical
26
High
31
Medium
11
Low
0

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
0

Age Distribution

Common Weaknesses (CWE)

1
Infoleak
6
2
XSS
5
3
Code Injection
3
4
OS Command Injection
3
5
Command Injection
3

Most Affected Products

1. Johnsoncontrols Metasys Application And Data Server23
2. Johnsoncontrols Metasys Extended Application And Data Server23
3. Johnsoncontrols Metasys Open Application Server22
4. Johnsoncontrols Exacqvision Web Service8
5. Johnsoncontrols Nae55 Firmware7

Recent Vulnerabilities

See more →
CVE-2026-21660
CVSS 9.8critical

Johnson Controls-Frick Quantum HD-Hardcoded Email Credentials Saved as Plaintext in Firmware

2/27/2026
CVE-2026-21659
CVSS 9.8critical

Johnson Controls -Frick Quantum HD-Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion

2/27/2026
CVE-2026-21658
CVSS 9.8critical

Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

2/27/2026
CVE-2026-21657
CVSS 9.8critical

Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

2/27/2026
CVE-2026-21656
CVSS 9.8critical

Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

2/27/2026
CVE-2026-21654
CVSS 9.8critical

Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

2/27/2026
CVE-2024-32758
CVSS 9.0critical
8/1/2024🔧 No Patch
CVE-2024-32862
CVSS 8.1high

exacqVision CORS

8/1/2024
CVE-2024-32931
CVSS 5.7medium

exacqVison - Token Disclosed in URL

8/1/2024
CVE-2024-32865
CVSS 7.3high

exacqVison - TLS certificate validation

8/1/2024

Monitor johnsoncontrols in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.

johnsoncontrols Security Vulnerabilities & Risk Score | 68 CVEs | SecAlerts - SecAlerts