Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
Johnson Controls exacqVision Server Flaw: High-Risk Vulnerability Could Enable Man-in-the-Middle Attacks
Attention, exacqVision Server users! There’s a vulnerability (CVE-2024-32865) that could let hackers play man-in-the-middle. Update to version 24.06 and keep the cyber villains at bay. Stay safe and keep those certificates in check!
Hot Take:
Who knew that “exacqVision” was actually short for “exactly why you need better TLS certificates”? Johnson Controls, your servers just got a CVE, and it’s not the kind of award you want to frame on the wall.
Key Points:
- CVSS v3.1 base score of 6.4 highlighting a moderate severity
- Vulnerability: Improper Certificate Validation
- Affected Product: exacqVision Server versions 24.03 and prior
- Risk: Potential for man-in-the-middle attacks
- Mitigation: Upgrade to version 24.06
Already a member? Log in here