Summary
Successful exploitation of these vulnerabilities could allow an attacker to read or write encrypted traffic or perform a replay attack.
The following versions of Johnson Controls PowerG, IQPanel and IQHub are affected:
- PowerG (CVE-2025-61738, CVE-2025-61739, CVE-2025-26379, CVE-2025-61740)
- IQHub (CVE-2025-61738, CVE-2025-61739, CVE-2025-26379, CVE-2025-61740)
- IQPanel 2 (CVE-2025-61738, CVE-2025-61739, CVE-2025-26379, CVE-2025-61740)
- IQPanel 2+ (CVE-2025-61738, CVE-2025-61739, CVE-2025-26379, CVE-2025-61740)
- IQPanel 4 (CVE-2025-61738, CVE-2025-61739, CVE-2025-26379, CVE-2025-61740)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 7.6 | Johnson Controls Inc. | Johnson Controls PowerG, IQPanel and IQHub | Cleartext Transmission of Sensitive Information, Reusing a Nonce, Key Pair in Encryption, Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Origin Validation Error |
Background
- Critical Infrastructure Sectors: Commercial Facilities
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Ireland
Vulnerabilities
CVE-2025-61738
The affected product is vulnerable due to cleartext transmission of sensitive information. This may allow an attacker to capture the network key and read or write encrypted packets on the PowerG network.
Affected Products
Johnson Controls PowerG, IQPanel and IQHub
Vendor:
Johnson Controls Inc.
Product Version:
Johnson Controls Inc. PowerG: <=53.02, Joh
[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.
This article has been indexed from All CISA Advisories