Johnson Controls Update
2383Warning Date
Severity Level
Warning Number
Target Sector
21 December, 2021
● Critical
2021-4099
All
Description:
Johnson Controls has released a security update to address Apache Log4j vulnerability in the following product:
- exacq Enterprise Manager
- Up to and including version 21.12
Threats:
A remote attacker could exploit this vulnerability by executing arbitrary code.
Best practice and Recommendations:
The CERT team encourages users to review Johnson Controls security advisory and apply the necessary update: