Vulnerability Description
Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Johnsoncontrols | Exacqvision Client | < 24.06 |
| Johnsoncontrols | Exacqvision Server | < 24.06 |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-01Third Party AdvisoryUS Government Resource
- https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisoriesVendor Advisory
FAQ
What is CVE-2024-32758?
CVE-2024-32758 is a vulnerability with a CVSS score of 7.5 (HIGH). Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange
How severe is CVE-2024-32758?
CVE-2024-32758 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-32758?
Check the references section above for vendor advisories and patch information. Affected products include: Johnsoncontrols Exacqvision Client, Johnsoncontrols Exacqvision Server.