Home

Description

Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network.

PUBLISHED Reserved 2025-09-30 | Published 2025-12-22 | Updated 2025-12-22 | Assigner jci




LOW: 2.3CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-319 Cleartext Transmission of Sensitive Information

Product status

Default status
unaffected

IQPanel2 (custom)
affected

IQHub (custom)
affected

IQPanel2+ (custom)
affected

,IQPanel 4 (custom)
affected

PowerG (custom)
affected

Credits

James Chambers of NCC Group finder

Sultan Qasim Khan of NCC Group finder

References

www.cisa.gov/news-events/ics-advisories/icsa-25-350-02

www.johnsoncontrols.com/...cybersecurity/security-advisories

cve.org (CVE-2025-61738)

nvd.nist.gov (CVE-2025-61738)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.