{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T02:00:29.220","vulnerabilities":[{"cve":{"id":"CVE-2025-26385","sourceIdentifier":"productsecurity@jci.com","published":"2026-01-30T11:15:53.467","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Johnson Controls Metasys component listed below have  Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability . Successful exploitation of this vulnerability could allow remote SQL execution This issue affects \n\n\n\n  *  Metasys: Application and Data Server (ADS) installed with SQL Express deployed as part of the Metasys 14.1 and prior installation, \n  *  Extended Application and Data Server (ADX) installed with SQL Express deployed as part of the Metasys 14.1 installation, \n  *  LCS8500 or NAE8500 installed with SQL Express deployed as part of the Metasys installation Releases 12.0 through 14.1, \n  *  System Configuration Tool (SCT) installed with SQL Express deployed as part of the SCT installation 17.1 and prior, \n  *  Controller Configuration Tool (CCT) installed with SQL Express deployed as part of the CCT installation 17.0 and prior."},{"lang":"es","value":"El componente Metasys de Johnson Controls que se enumera a continuación tiene una vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando (inyección de comandos). La explotación exitosa de esta vulnerabilidad podría permitir la ejecución remota de SQL. Este problema afecta a\n\n* Metasys: Servidor de Aplicaciones y Datos (ADS) instalado con SQL Express implementado como parte de la instalación de Metasys 14.1 y anteriores,\n* Servidor de Aplicaciones y Datos Extendido (ADX) instalado con SQL Express implementado como parte de la instalación de Metasys 14.1,\n* LCS8500 o NAE8500 instalado con SQL Express implementado como parte de la instalación de Metasys Versiones 12.0 a 14.1,\n* Herramienta de Configuración del Sistema (SCT) instalado con SQL Express implementado como parte de la instalación de SCT 17.1 y anteriores,\n* Herramienta de Configuración del Controlador (CCT) instalado con SQL Express implementado como parte de la instalación de CCT 17.0 y anteriores."}],"metrics":{"cvssMetricV40":[{"source":"productsecurity@jci.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.5,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"productsecurity@jci.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-04","source":"productsecurity@jci.com"},{"url":"https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories","source":"productsecurity@jci.com"}]}}]}