First published: Fri Nov 10 2023(Updated: )
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed.
Credit: productsecurity@jci.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Any of | ||
Johnsoncontrols Quantum Hd Unity Compressor Firmware | >=11.00<11.22 | |
Johnsoncontrols Quantum Hd Unity Compressor Firmware | >=12.00<12.22 | |
Johnsoncontrols Quantum Hd Unity Compressor | ||
All of | ||
Any of | ||
Johnsoncontrols Quantum Hd Unity Acuair Firmware | >=11.00<11.12 | |
Johnsoncontrols Quantum Hd Unity Acuair Firmware | >=12.00<12.12 | |
Johnsoncontrols Quantum Hd Unity Acuair | ||
All of | ||
Any of | ||
Johnsoncontrols Quantum Hd Unity Condenser\/vessel Firmware | >=11.00<11.11 | |
Johnsoncontrols Quantum Hd Unity Condenser\/vessel Firmware | >=12.00<12.11 | |
Johnsoncontrols Quantum Hd Unity Condenser\/vessel | ||
All of | ||
Any of | ||
Johnsoncontrols Quantum Hd Unity Evaporator Firmware | >=11.00<11.11 | |
Johnsoncontrols Quantum Hd Unity Evaporator Firmware | >=12.00<12.11 | |
Johnsoncontrols Quantum Hd Unity Evaporator | ||
All of | ||
Any of | ||
Johnsoncontrols Quantum Hd Unity Engine Room Firmware | >=11.00<11.11 | |
Johnsoncontrols Quantum Hd Unity Engine Room Firmware | >=12.00<12.11 | |
Johnsoncontrols Quantum Hd Unity Engine Room | ||
All of | ||
Any of | ||
Johnsoncontrols Quantum Hd Unity Interface Firmware | >=11.00<11.11 | |
Johnsoncontrols Quantum Hd Unity Interface Firmware | >=12.00<12.11 | |
Johnsoncontrols Quantum Hd Unity Interface |
Update all Quantum HD Unity Compressor control panels to firmware version 11.22 (Q5) or 12.22 (Q6).
Update all Quantum HD Unity AcuAir control panels to firmware version 11.12 (Q5) or 12.12 (Q6).
Update all Quantum HD Unity Condenser/Vessel control panels to firmware version 11.11 (Q5) or 12.11 (Q6).
Update all Quantum HD Unity Evaporator control panels to firmware version 11.11 (Q5) or 12.11 (Q6).
Update all Quantum HD Unity Engine Room control panels to firmware version 11.11 (Q5) or 12.11 (Q6).
Update all Quantum HD Unity Interface control panels to firmware version 11.11 (Q5) or 12.11 (Q6).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-4804 is a vulnerability that allows unauthorized users to access debug features in Quantum HD Unity products.
CVE-2023-4804 is classified as critical with a severity value of 10.
Quantum HD Unity products with specific firmware versions are affected. Please refer to the product documentation for the exact versions.
To fix CVE-2023-4804, it is recommended to apply the latest firmware updates provided by Johnson Controls.
You can find more information about CVE-2023-4804 on the Johnson Controls website and the CISA website.