An unauthorized user could gain account access to IQ Wifi 6 versions before 2.0.2 by conducting a brute force authentication attack.
johnsoncontrols iq_wifi_6_firmware