You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-43867
About this tag
CVE-2025-43867 is a critical vulnerability affecting Johnson Controls FX80 and FX90 platforms, which are building automation and facility management systems used in critical infrastructure sectors such as manufacturing, government, and energy. The vulnerability exposes configuration files to remote compromise through an outdated third-party component, earning a CVSS v4 base score of 8.4. Discussions on WindowsForum.com highlight the urgent need for IT and OT security teams to address this flaw to protect industrial control systems from potential exploitation.
A critical new vulnerability in the Johnson Controls FX80 and FX90 platforms has brought the cyber-physical security of critical infrastructure sharply into focus, as industrial operators worldwide brace for the fallout from the recently disclosed CVE-2025-43867. Affecting building automation...