Commercial Facilities
Breach intelligence, attack campaigns, and threat reports targeting the Commercial Facilities sector.
Commercial Facilities Threat Reports
Critical Security Alert: AVer PTC Cameras Vulnerable to Remote Code Execution (CVE-2026-40624)
In June 2026, a critical vulnerability (CVE-2026-40624) was identified in AVer PTC series cameras, including models PTC500S, PTC115, PTC500+, and PTC115+. This flaw allows remote, unauthenticated attackers to execute arbitrary code via specially crafted web requests, potentially leading to full device compromise. The vulnerability affects all firmware versions of these models. AVer has released firmware updates to address this issue, and users are strongly advised to apply these patches promptly to mitigate the risk of exploitation. This incident underscores the ongoing security challenges in IoT devices, particularly in the surveillance sector. The ease of exploitation and the critical nature of the affected devices highlight the importance of regular firmware updates and robust network security practices to protect against emerging threats.
6 days ago
Critical Vulnerabilities in Johnson Controls iSTAR Devices Expose Critical Infrastructure—What You Need to Know
In December 2025, Johnson Controls disclosed two critical vulnerabilities (CVE-2025-43875, CVE-2025-43876) affecting its iSTAR Ultra and Edge G2 access control devices worldwide. These vulnerabilities—improper neutralization of special elements used in OS commands (CWE-78)—can be exploited remotely with low complexity and limited privileges, potentially granting attackers unauthorized access to devices deployed across critical sectors, including commercial facilities, manufacturing, energy, transportation, and government. There are currently no reports of active exploitation, but if leveraged, these flaws could compromise physical security and facility operations. This incident underscores the persistent cybersecurity challenges in operational technology and building automation environments. The disclosure highlights an urgent need for regular patching, segregation of critical controls, and adoption of defensive measures, especially as threat actors increasingly target industrial and physical security systems with potentially far-reaching consequences.
5 months ago
Johnson Controls iSTAR Certificate Expiry Flaw: 2025 ICS Vulnerability Explained
In December 2025, Johnson Controls disclosed a critical vulnerability (CVE-2025-61736) affecting its iSTAR series access control panels. The flaw, classified as improper validation of certificate expiration, could cause affected devices to lose communication with their C•CURE Server once the default certificate expires. This disruption, impacting multiple critical infrastructure sectors worldwide, stems from older panel versions utilizing TLS versions prior to 1.2, thereby exposing systems to operational risk and service interruptions. While no public exploitation has been reported, timely mitigation is necessary to prevent outages. This incident highlights the ongoing importance of robust certificate management and timely upgrades in the face of tightening compliance demands and evolving threat landscapes. With operational technology environments increasingly targeted, companies must address outdated encryption protocols to maintain business continuity and regulatory alignment.
5 months ago
Schneider Electric OPC UA DoS Flaw Threatens Global OT Operations
In October 2025, Schneider Electric disclosed a critical vulnerability (CVE-2024-10085) affecting its EcoStruxure OPC UA Server Expert and Modicon Communication Server. The flaw, identified as improper allocation of resources without limits or throttling, allows a remote attacker to overwhelm the targeted server with excessive OPC UA requests, resulting in a denial-of-service (DoS) and loss of real-time process data. The vulnerability, scored at CVSS v4 8.2, threatens industrial operations worldwide, particularly in critical sectors like energy and manufacturing, if not promptly mitigated. This incident underscores the increasing risk to industrial control systems (ICS) from remote, low-complexity attacks exploiting resource exhaustion bugs. It highlights ongoing attacker interest in operational technology environments and the urgent need for robust ICS security best practices and timely patch management.
5 months ago