CVE-2025-43873 | Johnson Control iSTAR Edge G2 up to 6.9.3 os command injection

December 17, 2025 Yanac

A vulnerability was found in Johnson Control iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE and iSTAR Edge G2 up to 6.9.3 and classified as critical. This affects an unknown part. Such manipulation leads to os command injection.

This vulnerability is listed as CVE-2025-43873. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More