Skip to main content

CVE-2025-26386

Stack-based Buffer Overflow (CWE-121)
2026-01-28 productsecurity@jci.com
Buffer Overflow Stack Overflow

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 28, 2026 - 12:15 nvd
N/A

DescriptionNVD

Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior. Successful exploitation of this vulnerability could result in failure within the operating system of the machine hosting the ICU tool.

AnalysisAI

Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior.

Technical ContextAI

Classified as CWE-121 (Stack-based Buffer Overflow). Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility (ICU) version 6.9.7 and prior. Successful exploitation of this vulnerability could result in failure within the operating system of the machine hosting the ICU tool.

Affected ProductsAI

Johnson Controls iSTAR Configuration Utility (ICU) has Stack-based Buffer Overflow vulnerability

RemediationAI

Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.

Share

CVE-2025-26386 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy