Advisory ID |
CVE Record |
ICSA Record |
Affected Product |
Summary |
Published |
Updated |
---|---|---|---|---|---|---|
CVE-2023-5222
|
Viessmann Vitogate 300 |
Viessmann Vitogate 300 vulnerabilities |
September 10, 2024 |
September 10, 2024 |
||
Not Applicable |
Not Applicable |
LenelS2 NetBoxTM |
Supply chain attack |
August 5, 2024 |
August 5, 2024 |
|
CVE-2024-2420
|
LenelS2 NetBoxTM |
LenelS2 NetBoxTM vulnerabilities |
May 30, 2024 |
May 30, 2024 |
||
Not Applicable |
Not Applicable |
Carrier Global Product Security Advisory |
Progress Software MOVEit vulnerabilities |
June 26, 2023 |
June 26, 2023 |
|
CVE-2023-36483 |
Not Applicable |
MASmobile Classic |
Authorization Bypass vulnerability |
June 15, 2023 |
September 6, 2024 |
|
Not Applicable |
Not Applicable |
LenelS2 platforms |
Apache HTTP Server mod_proxy vulnerability |
March 13, 2023 |
March 16, 2023 |
|
Not Applicable |
Not Applicable |
Carrier Global Product Security Advisory |
Apache Shiro authentication bypass vulnerabilities |
Jan 20, 2023 |
Jan 20, 2023 |
|
Not Applicable |
Not Applicable |
LenelS2 OnGuard platform |
Client Authentication Bypass in Erlang/OTP |
Nov 30, 2022 |
Nov 30, 2022 |
|
Not Applicable |
Not Applicable |
Carrier Global Product Security Advisory |
OpenSSL 3.0 vulnerabilities |
Nov 4, 2022 |
Nov 4, 2022 |
|
Not Applicable |
Not Applicable |
Carrier Global Product Security Advisory |
Text4Shell Remote code execution vulnerability |
Nov 4, 2022 |
Dec 16, 2022 |
|
CVE-2022-31479
|
CARR-PSA-009-1122 |
LenelS2 Access Hardware Controllers |
HID Mercury Intelligent Controllers vulnerabilities |
June 2, 2022 |
June 2, 2022 |
|
Not Applicable |
Not Applicable |
Carrier Global Product Security Advisory |
Spring4Shell Remote code execution vulnerability |
April 7, 2022 |
April 7, 2022 |
|
Not Applicable |
Not Applicable |
Carrier Global Product Security Advisory |
Okta - Lapsus$ Compromise summary |
March 30, 2022 |
April 7, 2022 |
|
Not Applicable |
Not Applicable |
Carrier Global Product Security Advisory |
Log4j Remote code execution vulnerabilities |
Dec 20, 2021 |
Jan 20, 2022 |
|
CVE-2022-1318
|
ICSA-22-109-01 |
Hills ComNav |
Weak authentication and communication channel vulnerabilities |
Nov 1, 2021 |
April 19, 2022 |
|
CVE-2022-1019 |
ICSA-22-109-02 |
Automated Logic WebCTRL & Carrier i-Vu |
Open redirect vulnerability |
Nov 1, 2021 |
April 19, 2022 |
PRODUCT SECURITY ADVISORIES
Carrier endeavors to ensure that validation, analysis, and mitigation of findings are proactively communicated in a responsible manner.
The Carrier PSIRT Plan prepares and discloses product security advisory publications to acknowledge the reporters, vulnerabilities, impacts, and mitigations of the reported incidents.