CVE-2012-4026

Johnson Controls Pegasys P2000 Server Software < 3.11 - False Alert Injection via TCP Port 41013

Title source: llm
STIX 2.1

Description

The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerability than CVE-2012-2607.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_confirm
http://www.kb.cert.org/vuls/id/MORO-8UYN8P
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/977312

Scores

EPSS 0.0138
EPSS Percentile 69.0%

Details

CWE
CWE-20
Status published
Products (2)
johnsoncontrols/pegasys_p2000_server
johnsoncontrols/pegasys_p2000_server_software < 3.10
Published Jul 16, 2012
Tracked Since Feb 18, 2026