Johnsoncontrols Frick Controls Quantum Hd Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Johnsoncontrols Frick Controls Quantum Hd Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2026-21654 — CVSS 9.8 (critical): Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Johnson Controls Frick Controls…
CVE-2026-21656 — CVSS 9.8 (critical): Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code…
CVE-2026-21657 — CVSS 9.8 (critical): Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code…
CVE-2026-21658 — CVSS 9.8 (critical): Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick…
CVE-2026-21659 — CVSS 9.8 (critical): Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion (LFI) vulnerability in Johnson Controls Frick…
CVE-2026-21660 — CVSS 9.8 (critical): Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls…