An unauthorized user could gain account access to IQ Wifi 6 versions before 2.0.2 by conducting a brute force authentication attack.
johnsoncontrols iq wifi 6 firmware