Vulnerability CVE-2024-32754

Vulnerability CVE-2024-32754

Published: 2024-07-04

Description:

Under certain circumstances, when the controller is in factory reset mode waiting for initial setup, it will broadcast its MAC address, serial number, and firmware version. Once configured, the controller will no longer broadcast this information.

References:

https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories

https://www.cisa.gov/news-events/ics-advisories/icsa-24-184-01

Copyright 2026, cxsecurity.com