Johnsoncontrols Metasys System — known CVE vulnerabilities
Every CVE whose affected-product data names Johnsoncontrols Metasys System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-7593 — CVSS 6.8 (medium): Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations…
CVE-2019-7594 — CVSS 6.8 (medium): Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for certain encryption operations involving…
CVE-2018-10624 — CVSS 6.5 (medium): In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from…