Johnson Controls iSTAR Configuration Utility Stack-Based Buffer Overflow Vulnerability

Vulnerability

A stack-based buffer overflow vulnerability has been identified in the Johnson Controls iSTAR Configuration Utility (ICU) tool, specifically in versions through 6.9.7. This vulnerability could lead to a failure in the operating system of the machine running the ICU tool.

Impact

Exploitation of this vulnerability can cause a failure in the operating system of the affected machine.

Added: Jan 28, 2026, 12:33 PM

Updated: Jan 28, 2026, 12:33 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

3.3

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

3.3

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Johnson Controls iSTAR Configuration Utility Stack-Based Buffer Overflow Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating