Vulnerabilities > Honeywell > C300 Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-13 | CVE-2023-26597 | Out-of-bounds Write vulnerability in Honeywell C300 Firmware Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning. See Honeywell Security Notification for recommendations on upgrading and versioning. | 7.5 |
2023-07-13 | CVE-2023-24480 | Out-of-bounds Write vulnerability in Honeywell C300 Firmware Controller DoS due to stack overflow when decoding a message from the server. See Honeywell Security Notification for recommendations on upgrading and versioning. | 7.5 |
2023-07-13 | CVE-2023-25770 | Deserialization of Untrusted Data vulnerability in Honeywell C300 Firmware Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning. | 7.5 |
2022-10-28 | CVE-2021-38399 | Path Traversal vulnerability in Honeywell products Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories. | 7.5 |