1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc.  Equipment: Metasys ADX (Extended Application and Data Server) Server running MVE (Metasys for Validated Environments) Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an Active Directory user to execute…