Vulnerabilities > Honeywell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-27 | CVE-2024-46453 | Cross-site Scripting vulnerability in Honeywell Iq3Xcite Firmware A cross-site scripting (XSS) vulnerability in the component /test/ of iq3xcite v2.31 to v3.05 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 |
| 2024-02-13 | CVE-2024-1309 | Unspecified vulnerability in Honeywell Niagara Framework Uncontrolled Resource Consumption vulnerability in Honeywell Niagara Framework on Windows, Linux, QNX allows Content Spoofing.This issue affects Niagara Framework: before Niagara AX 3.8.1, before Niagara 4.1. | 7.5 |
| 2024-01-31 | CVE-2023-5390 | Path Traversal vulnerability in Honeywell products An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. | 5.3 |
| 2024-01-30 | CVE-2023-5389 | Unspecified vulnerability in Honeywell products An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . | 7.5 |
| 2023-11-17 | CVE-2023-6179 | Incorrect Permission Assignment for Critical Resource vulnerability in Honeywell Prowatch 4.5 Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). | 7.8 |
| 2023-09-12 | CVE-2023-3710 | Command Injection vulnerability in Honeywell Pm43 Firmware Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. | 9.8 |
| 2023-09-12 | CVE-2023-3711 | Session Fixation vulnerability in Honeywell Pm43 Firmware Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. | 8.8 |
| 2023-09-12 | CVE-2023-3712 | Files or Directories Accessible to External Parties vulnerability in Honeywell Pm43 Firmware Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. | 7.8 |
| 2023-07-13 | CVE-2023-25948 | Information Exposure Through an Error Message vulnerability in Honeywell products Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning. | 7.5 |
| 2023-07-13 | CVE-2023-26597 | Out-of-bounds Write vulnerability in Honeywell C300 Firmware Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning. See Honeywell Security Notification for recommendations on upgrading and versioning. | 7.5 |