CVE-2025-26383 | Johnson Controls iSTAR Configuration Utility up to 6.9.4 uninitialized variable (icsa-25-146-01)

A vulnerability was found in Johnson Controls iSTAR Configuration Utility up to 6.9.4. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of uninitialized variable.

This vulnerability is uniquely identified as CVE-2025-26383. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More