iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR...

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device.

AI Analysis

Authenticated web application command injection vulnerability in iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 devices, allowing attackers to modify firmware and gain full access to the device.

Basic Information

ID CVE-2025-43873

Source jci

Published Dec 17, 2025 at 15:53

Affected Product

Vendor Johnson Control

Product iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2

Affected Versions Johnson Control iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 0

CWE Classification

CWE-78

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Johnson Controls

Product iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2

References

{
    "lastseen": "",
    "description": "Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device.",
    "published": "2025-12-17T15:53:04.477Z",
    "modified": "2025-12-17T15:53:04.477Z",
    "type": "cve",
    "title": "iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - setFaultDebounce",
    "source": "jci",
    "references": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories\nhttps://www.cisa.gov/news-events/ics-advisories/icsa-25-345-02",
    "id": "CVE-2025-43873",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "Johnson Control iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2",
    "version": "0",
    "vendor": "Johnson Control",
    "ai_description": "Authenticated web application command injection vulnerability in iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 devices, allowing attackers to modify firmware and gain full access to the device.",
    "ai_severity": "High",
    "ai_vendor": "Johnson Controls",
    "ai_product": "iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2",
    "ai_version": "0",
    "ai_score": 8.7
}

iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 – Authenticated web application command injection – setFaultDebounce_CVE-2025-43873