CVE-2024-5539 – ALC WebCTRL Carrier i-Vu Access Control Bypass

CVE ID : CVE-2024-5539

Published : Nov. 27, 2025, 1:15 a.m. | 1 hour, 6 minutes ago

Description : The Access Control Bypass vulnerability found in ALC WebCTRL and Carrier i-Vu in versions up to and including 8.5 allows a malicious actor to bypass intended access restrictions and expose sensitive information via the

web based building automation server.

Severity: 9.2 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…