CVE-2012-4026
Johnson Controls Pegasys P2000 Server Software < 3.11 - False Alert Injection via TCP Port 41013
Title source: llmDescription
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerability than CVE-2012-2607.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_confirm
http://www.kb.cert.org/vuls/id/MORO-8UYN8P
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/977312
Scores
EPSS
0.0138
EPSS Percentile
69.0%
Details
CWE
CWE-20
Status
published
Products (2)
johnsoncontrols/pegasys_p2000_server
johnsoncontrols/pegasys_p2000_server_software
< 3.10
Published
Jul 16, 2012
Tracked Since
Feb 18, 2026