Istar Edge CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-61736	1 Johnsoncontrols	5 Istar Edge, Istar Ultra, Istar Ultra Lt and 2 more	2025-12-18	N/A
Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires.
CVE-2025-43873	1 Johnsoncontrols	6 Edge G2, Istar Edge G2, Istar Ultra and 3 more	2025-12-18	N/A
Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device.

Page 1 of 1.