Carrier Block Load Vulnerability: A Critical DLL Hijacking Risk for HVAC Systems
In today’s interconnected environment, threats lurking within specialized industrial software can easily slip under the radar. The latest advisory from Carrier concerning its Block Load HVAC load calculation program...
Carrier Block Load Vulnerability: Uncontrolled Search Paths Under Scrutiny
A new security advisory has emerged targeting Carrier’s Block Load—a widely used HVAC load calculation program. The vulnerability, identified as an uncontrolled search path element flaw (CWE-427), presents a significant...
On February 20, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) published an advisory outlining a critical vulnerability affecting Carrier's Block Load product—a specialized HVAC load calculation program widely used in commercial facilities. Though this advisory focuses on...