CVE-2025-61738
Unknown
Unknown - Not Provided
Cryptographic Key Exposure in PowerG Network Enables Packet Manipulation
Publication date: 2025-12-22
Last updated on: 2025-12-22
Assigner: Johnson Controls
Description
Description
Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| johnson_controls | building_management_systems | 4.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-319 | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows an attacker, under certain circumstances, to capture the network key and read or write encrypted packets on the PowerG network.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing an attacker to intercept and potentially manipulate encrypted communications on the PowerG network, which could lead to unauthorized access or data tampering.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70