CVE-2023-0954

HIGH

Sensormatic Electronics Illustra Pro Gen 4 - Info Disclosure

Title source: llm

Description

A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.

References (2)

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02

[Broken Link] https://www.johnsoncontrols.com/cyber-solutions/security-advisories

Scores

CVSS v3 8.3

EPSS 0.0011

EPSS Percentile 29.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-489

Status published

Products (2)

johnsoncontrols/illustra_pro_gen_4_dome_firmware < ss016.05.09.04.0006

johnsoncontrols/illustra_pro_gen_4_ptz_firmware < ss010.05.09.04.0022

Published Jun 08, 2023

Tracked Since Feb 18, 2026