Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

C●CURE 9000 Weak Credentials Vulnerability

July 9, 2024
Reading Time: 2 mins read
in Alerts
C●CURE 9000 Weak Credentials Vulnerability

Johnson Controls has issued an ICS advisory for its Software House C●CURE 9000, highlighting a significant vulnerability. The advisory, released on July 9, 2024, details a weakness related to the use of weak credentials, assigned CVE-2024-32759. This vulnerability, rated 7.7 on the CVSS v4 scale, allows for remote exploitation with low attack complexity. It potentially grants attackers administrative access, impacting the confidentiality, integrity, and availability of the system.

The affected version of the Software House C●CURE 9000 is version 2.80 and earlier. The flaw lies in the system’s use of weak credentials, which can be exploited by attackers to gain unauthorized access. This could result in severe consequences such as unauthorized control and manipulation of the system, making it critical to address the vulnerability promptly.

Johnson Controls recommends updating the Software House C●CURE 9000 to version 2.90 or later to mitigate this risk. The company has issued a product security advisory (JCI-PSA-2024-12 v1) with detailed instructions for users. Additionally, CISA advises organizations to implement robust defensive measures, such as minimizing network exposure and employing secure remote access methods like updated VPNs.

The advisory also underscores the importance of following general cybersecurity best practices. CISA suggests performing impact analysis and risk assessments before deploying defensive measures. For more guidance on cybersecurity strategies and best practices, organizations can refer to CISA’s resources on their ICS webpage and technical papers for targeted intrusion detection and mitigation strategies.

Reference:
  • Johnson Controls C●CURE 9000 Weak Credentials Vulnerability
Tags: C●CURE 9000CISACyber AlertsCyber Alerts 2024Cyber threatsJohnson ControlsJuly 2024SoftwareVulnarabilities
ADVERTISEMENT

Related Posts

Hackers Target Libraesva Email Flaw

Hackers Target Libraesva Email Flaw

September 30, 2025
Hackers Target Libraesva Email Flaw

ShadowV2 Botnet Targets Misconfigured AWS

September 30, 2025
Hackers Target Libraesva Email Flaw

Cisco Warns Of IOS Zero Day Bug

September 30, 2025
Fake Microsoft Teams Installers Spread

Fake Microsoft Teams Installers Spread

September 30, 2025
Fake Microsoft Teams Installers Spread

Cybercriminals Use Facebook Google Ads

September 30, 2025
Fake Microsoft Teams Installers Spread

CISA Warns Of Critical Sudo Flaw

September 30, 2025

Latest Alerts

Hackers Target Libraesva Email Flaw

ShadowV2 Botnet Targets Misconfigured AWS

Cisco Warns Of IOS Zero Day Bug

CISA Warns Of Critical Sudo Flaw

Cybercriminals Use Facebook Google Ads

Fake Microsoft Teams Installers Spread

Subscribe to our newsletter

    Latest Incidents

    Ukrainian Hackers Breach Crimean Servers

    Ransomware Gang Claims Maryland Breach

    Arizona School District Data Breach

    Attackers Take Down Asahi Brewer

    Harrods Alerts Customers To Breach

    Hackers Steal Photos From Kido Nursery

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial