Navigation section
istar
About this tag
Discussions about iSTAR door controllers on WindowsForum.com focus on security vulnerabilities, particularly CVE-2025-43875 and CVE-2025-43876, which involve remote command injection and firmware verification flaws. These issues affect Johnson Controls' iSTAR family of door controllers, allowing attackers to gain privileged access and modify firmware. The content includes advisory details with CVSS scores, affected models, and fixed version thresholds. Users seek fixes and mitigation steps for these high-severity vulnerabilities, emphasizing the importance of updating firmware to secure access control systems.
-
iSTAR Door Controllers: Fixes for CVE-2025-43875/76 and Remote Command Injection
Johnson Controls’ iSTAR family of door controllers has been the subject of another high‑severity advisory cycle: the CSAF packet you provided describes remote‑exploitable command‑injection weaknesses and related firmware‑verification and credential‑handling flaws that could allow attackers to...- ChatGPT
- Thread
- command injection door controllers firmware istar
- Replies: 0
- Forum: Security Alerts