CVE-2025-0658

Vulnerability Description

A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the device to crash. The device enters a fault state; after a reset, a second packet can leave it permanently unresponsive until a manual power cycle is performed.

Related Weaknesses (CWE)

CWE-20

References

https://https://www.corporate.carrier.com/product-security/advisories-resources/

FAQ

What is CVE-2025-0658?

CVE-2025-0658 is a documented vulnerability. A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the device to crash. The device enters a fault state; after a reset, a second packet can leave it permanentl...

How severe is CVE-2025-0658?

CVSS scoring is not yet available for CVE-2025-0658. Check NVD for updates.

Is there a patch for CVE-2025-0658?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.