CVE-2025-61736

Summary

Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires.

Affected Software

VendorProductVersion RangeStatus
Johnson ControlsiSTAReX, iSTAR Edge, iSTAR Ultra LT, iSTAR Ultra , iSTAR Ultra SEiSTAR All versions prior to TLS 1.2affected

Weaknesses

  • CWE-298: CWE-298-Improper Validation of certificate expiration

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References