Weak Credentials Exposed in C●CURE 9000 Installer
CVE-2024-32759

Currently unrated

Key Information:

Vendor: Johnson Controls
Status: Software House C•cure 9000
Vendor: CVE Published:; 10 July 2024

What is CVE-2024-32759?

Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials.

Affected Version(s)

Software House C•CURE 9000 0 <= 2.80

References

https://www.johnsoncontrols.com/trust-center/cybersecurit...

https://www.cisa.gov/news-events/ics-advisories/icsa-24-1...

Timeline

Vulnerability published
Jul 10, 2024
Vulnerability Reserved
Apr 17, 2024

Credit

Reid Wightman of Dragos

.