Home
HIGH: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:NDefault status
unaffected
Any version before 6.06-101
affected
Default status
unaffected
Any version before 6.06-101
affected
Description
A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the device to crash. The device enters a fault state; after a reset, a second packet can leave it permanently unresponsive until a manual power cycle is performed.
Problem types
CWE-20 Improper Input Validation
Product status
Any version before 6.06-101
Any version before 6.06-101
Credits
Christopher Morales Gonzalez
References
https/....carrier.com/product-security/advisories-resources/
