Johnson Controls Frick Controls Quantum HD Unauthenticated Remote Code Execution Vulnerability
Vulnerability
A code injection vulnerability allowing unauthenticated remote code execution has been identified in Johnson Controls Frick Controls Quantum HD, affecting versions through 10.22. The vulnerability arises from insufficient input validation in certain parameters, which may enable unexpected actions that compromise device security before authentication.
Impact
Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected device.
Added: Feb 27, 2026, 9:20 AM
Updated: Feb 27, 2026, 2:18 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
7.5exploitability
7.4remediation
0.0relevance
3.3threat
0.0urgency
2.9incentive
4.2Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.