Vulnerabilities > Honeywell > Hbw2Per1 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2021-39363 Command Injection vulnerability in Honeywell Hbw2Per1 Firmware and Hdzp252Di Firmware
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved.
network
low complexity
honeywell CWE-77
critical
9.8
2019-10-31 CVE-2019-18226 Authentication Bypass by Capture-replay vulnerability in Honeywell products
Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibility with legacy products.
network
low complexity
honeywell CWE-294
critical
9.8