Unauthenticated Remote Code Execution in Frick Controls Quantum HD by Johnson Controls
CVE-2026-21658
8.8HIGH
What is CVE-2026-21658?
An unauthenticated remote code execution vulnerability exists in Johnson Controls' Frick Controls Quantum HD product. This flaw allows an attacker to inject arbitrary code, potentially leading to unauthorized system access and manipulation. The issue affects versions 10.22 and earlier, emphasizing the necessity for prompt updates and effective cybersecurity practices to mitigate potential threats.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Frick Controls Quantum HD Frick Controls Quantum HD version 10.22 and prior
References
CVSS V4
Score:
8.8
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Noam Moshe of Claroty Team 82 Research group