A significant vulnerability in several of Johnson Controls’ industrial refrigeration devices was discovered by an outside researcher, and Johnson Controls just released remedies for it. Johnson Controls and the US cybersecurity organization CISA have released advisories regarding a hole that might “allow an unauthorized user to access debug features that were accidentally exposed.” The flaw is identified as CVE-2023-4804.
Frick Quantum HD Unity Compressor, AcuAir, Condenser/Vessel, Evaporator, Engine Room, and Interface control panels are among the products that are affected. The food and beverage industry seller promotes Frick refrigeration products. The compromised items are used globally, notably in the vital manufacturing sector, claims CISA.