Sign-up

ID

VAR-201207-0054


CVE

CVE-2012-2607


TITLE

Johnson Controls Multiple Products Remote Command Execution Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2012-3706 // BID: 54469

DESCRIPTION

The Johnson Controls CK721-A controller with firmware before SSM4388_03.1.0.14_BB allows remote attackers to perform arbitrary actions via crafted packets to TCP port 41014 (aka the download port). Johnson Controls CK721-A and P2000 products contain a remote command execution vulnerability which may allow an unauthenticated remote attacker to perform various tasks against the devices. Johnson Controls is a well-known self-control manufacturer in the United States. An unauthenticated attacker can send a specially crafted message to this port to close the door and change the configuration. The \"upload\" port (tcp/41013) of the P2000 (Pegasys) server is used for logging and alarm purposes. The server only receives any message sent to it by verifying the source IP. The attacker can send a specially crafted message to the port to provide false information. Access data to the server. Successfully exploiting this issue may allow an attacker to execute arbitrary commands within the context of the vulnerable system

Trust: 3.24

sources: NVD: CVE-2012-2607 // CERT/CC: VU#977312 // JVNDB: JVNDB-2012-003106 // CNVD: CNVD-2012-3706 // BID: 54469 // VULHUB: VHN-55888

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2012-3706

AFFECTED PRODUCTS

vendor:johnsoncontrolsmodel:network controllerscope:eqversion:ck721-a

Trust: 1.6

vendor:johnsoncontrolsmodel:network controllerscope:eqversion:03.0

Trust: 1.0

vendor:johnsoncontrolsmodel:network controllerscope:lteversion:03.1.0.14

Trust: 1.0

vendor:johnson controlsmodel: - scope: - version: -

Trust: 0.8

vendor:johnson controlsmodel:network controllerscope:eqversion:ck721-a

Trust: 0.8

vendor:johnson controlsmodel:network controllerscope:ltversion:ssm4388_03.1.0.14_bb

Trust: 0.8

vendor:johnsonmodel:controls ck721-a and p2000scope: - version: -

Trust: 0.6

sources: CERT/CC: VU#977312 // CNVD: CNVD-2012-3706 // JVNDB: JVNDB-2012-003106 // CNNVD: CNNVD-201207-220 // NVD: CVE-2012-2607

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2012-2607
value: HIGH

Trust: 1.6

nvd@nist.gov: CVE-2012-2607
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201207-220
value: HIGH

Trust: 0.6

VULHUB: VHN-55888
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-2607
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

NVD: CVE-2012-2607
severity: HIGH
baseScore: 7.5
vectorString: NONE
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-55888
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#977312 // VULHUB: VHN-55888 // JVNDB: JVNDB-2012-003106 // CNNVD: CNNVD-201207-220 // NVD: CVE-2012-2607

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.9

sources: VULHUB: VHN-55888 // JVNDB: JVNDB-2012-003106 // NVD: CVE-2012-2607

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201207-220

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201207-220

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-003106

EXPLOIT AVAILABILITY
sources:
            
            
            CERT/CC: VU#977312

PATCH
title:Network Controllersurl:http://www.johnsoncontrols.com/content/us/en/products/building_efficiency/security-solutions/products/network-controller.html
Trust: 0.8
title:Patch for Johnson Controls Multiple Product Remote Command Execution Vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/18894
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2012-3706 // 
            
            
            
            JVNDB: JVNDB-2012-003106

EXTERNAL IDS
db:CERT/CCid:VU#977312
Trust: 3.9
db:NVDid:CVE-2012-2607
Trust: 3.4
db:JVNDBid:JVNDB-2012-003106
Trust: 0.8
db:CNNVDid:CNNVD-201207-220
Trust: 0.7
db:CNVDid:CNVD-2012-3706
Trust: 0.6
db:BIDid:54469
Trust: 0.4
db:VULHUBid:VHN-55888
Trust: 0.1
sources:
            
            
            CERT/CC: VU#977312 // 
            
            
            
            CNVD: CNVD-2012-3706 // 
            
            
            
            VULHUB: VHN-55888 // 
            
            
            
            BID: 54469 // 
            
            
            
            JVNDB: JVNDB-2012-003106 // 
            
            
            
            CNNVD: CNNVD-201207-220 // 
            
            
            
            NVD: CVE-2012-2607

REFERENCES
url:http://www.kb.cert.org/vuls/id/977312
Trust: 3.1
url:http://www.kb.cert.org/vuls/id/moro-8uyn8p
Trust: 2.5
url:about vulnerability notes
Trust: 0.8
url:contact us about this vulnerability
Trust: 0.8
url:provide a vendor statement
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2607
Trust: 0.8
url:http://jvn.jp/cert/jvnvu977312
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2607
Trust: 0.8
sources:
            
            
            CERT/CC: VU#977312 // 
            
            
            
            CNVD: CNVD-2012-3706 // 
            
            
            
            VULHUB: VHN-55888 // 
            
            
            
            JVNDB: JVNDB-2012-003106 // 
            
            
            
            CNNVD: CNNVD-201207-220 // 
            
            
            
            NVD: CVE-2012-2607

CREDITS
Travis Lee
Trust: 0.3
sources:
            
            
            BID: 54469

SOURCES
db:CERT/CCid:VU#977312
db:CNVDid:CNVD-2012-3706
db:VULHUBid:VHN-55888
db:BIDid:54469
db:JVNDBid:JVNDB-2012-003106
db:CNNVDid:CNNVD-201207-220
db:NVDid:CVE-2012-2607

LAST UPDATE DATE
2025-04-11T23:03:07.080000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#977312date:2013-04-03T00:00:00
db:CNVDid:CNVD-2012-3706date:2012-07-18T00:00:00
db:VULHUBid:VHN-55888date:2012-07-17T00:00:00
db:BIDid:54469date:2012-07-16T18:20:00
db:JVNDBid:JVNDB-2012-003106date:2012-07-18T00:00:00
db:CNNVDid:CNNVD-201207-220date:2012-07-17T00:00:00
db:NVDid:CVE-2012-2607date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:CERT/CCid:VU#977312date:2012-07-13T00:00:00
db:CNVDid:CNVD-2012-3706date:2012-07-18T00:00:00
db:VULHUBid:VHN-55888date:2012-07-16T00:00:00
db:BIDid:54469date:2012-07-13T00:00:00
db:JVNDBid:JVNDB-2012-003106date:2012-07-18T00:00:00
db:CNNVDid:CNNVD-201207-220date:2012-07-17T00:00:00
db:NVDid:CVE-2012-2607date:2012-07-16T20:49:19.567