All versions of iSTAR Ultra prior to version 6.8.9.CU01are vulnerable to a command injection that could allow an unauthenticated user root access to the system.
https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-11
https://www.johnsoncontrols.com/cyber-solutions/security-advisories
Description Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability,
Description The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this
Description This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets