CVE-2025-61736
Unknown
Unknown - Not Provided
Certificate Expiry Handling Flaw Causes Communication Failure in Product
Publication date: 2025-12-17
Last updated on: 2025-12-17
Assigner: Johnson Controls
Description
Description
Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| johnson_controls | product | From 4.0 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-298 | A certificate expiration is not validated or is incorrectly validated, so trust may be assigned to certificates that have been abandoned due to age. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs when the product fails to re-establish communication after its certificate expires, potentially disrupting normal operations.
How can this vulnerability impact me? :
Exploitation of this vulnerability could cause communication failures in the product once the certificate expires, potentially leading to service interruptions or loss of functionality.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70