Vulnerabilities > Honeywell

DATE CVE VULNERABILITY TITLE RISK
2022-07-28 CVE-2022-30314 Use of Hard-coded Credentials vulnerability in Honeywell Safety Manager Firmware
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials.
low complexity
honeywell CWE-798
4.6
2022-07-28 CVE-2022-30315 Insufficient Verification of Data Authenticity vulnerability in Honeywell Safety Manager Firmware
Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient Verification of Data Authenticity.
network
low complexity
honeywell CWE-345
critical
9.8
2022-07-28 CVE-2022-30316 Improper Validation of Integrity Check Value vulnerability in Honeywell Safety Manager Firmware
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity.
low complexity
honeywell CWE-354
6.8
2022-07-28 CVE-2022-30319 Authentication Bypass by Spoofing vulnerability in Honeywell Saia PG5 Controls Suite
Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass.
low complexity
honeywell CWE-290
8.1
2022-07-28 CVE-2022-30320 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Honeywell Saia PG5 Controls Suite
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm.
low complexity
honeywell CWE-327
4.3
2022-07-15 CVE-2022-30242 Unspecified vulnerability in Honeywell Alerton Ascent Control Module Firmware
Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users.
network
low complexity
honeywell
6.8
2022-07-15 CVE-2022-30243 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Honeywell Alterton Visual Logic Firmware
Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users.
network
low complexity
honeywell CWE-829
8.8
2022-07-15 CVE-2022-30244 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Honeywell Alerton Ascent Control Module Firmware
Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users.
network
low complexity
honeywell CWE-829
8.0
2022-07-15 CVE-2022-30245 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Honeywell Alerton Compass 1.6.5
Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users.
network
low complexity
honeywell CWE-610
6.5
2022-05-26 CVE-2022-1261 Unspecified vulnerability in Honeywell Matrikon OPC Server
Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges.
network
low complexity
honeywell
8.8