CVE-2025-0658

Published: Nov 27, 2025

Modified: Nov 28, 2025

PUBLISHED

Description

A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the device to crash. The device enters a fault state; after a reset, a second packet can leave it permanently unresponsive until a manual power cycle is performed.

Vendor	Product	Versions
Automated Logic	Zone Controllers	affected `0 - < 6.06-101`
Carrier	Zone Controllers	affected `0 - < 6.06-101`

Weaknesses (CWE)

CWE-20

References

https://https://www.corporate.carrier.com/product-security/advisories-resources/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-0658

Description

Affected Products

Weaknesses (CWE)

References