Johnson Controls PowerG, IQPanel and IQHub Network Key Capture Vulnerability

Vulnerability

A vulnerability exists in Johnson Controls PowerG, IQPanel and IQHub products, allowing attackers to capture the network key and read or write encrypted packets on the PowerG network. This issue could also facilitate a replay attack. The vulnerability affects multiple versions of PowerG, IQPanel 2, IQPanel 2+, and IQPanel 4.

Impact

Exploitation of this vulnerability could lead to unauthorized interception and manipulation of encrypted communications on the PowerG network, potentially allowing for replay attacks.

Added: Dec 22, 2025, 11:19 AM

Updated: Dec 22, 2025, 11:19 AM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

5.0

exploitability

4.3

remediation

8.3

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

5.0

exploitability

4.3

remediation

8.3

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Johnson Controls PowerG, IQPanel and IQHub Network Key Capture Vulnerability

Vulnerability

Impact

Affected Products

Johnson Controls IQPanel 4

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating