Vulnerability in Johnson Controls Istarex, Istar Edge, Ultra Lt, , Se

CVE-2025-61736

Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires.

EPSS: 0.000 (3.9th percentile) — read the EPSS interpretation.

Affected products

Johnson Controls Istarex, Istar Edge, Ultra Lt, , Se — versions iSTAR All versions prior to TLS 1.2

Weakness classification (CWE)

CWE-298 — Improper Validation of Certificate Expiration

References