CVE-2026-21657
CRITICAL SEVERITYCVSS Score & Metrics
Base Score
9.8 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Description
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication occurs.This issue affects Frick Controls Quantum HD version 10.22 and prior.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-94
Source
NVD
Vendor
Johnson Controls
Product
Frick Controls Quantum HD
Discussion (0)
Add Comment
No comments yet. Be the first!