Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-27	CVE-2024-46453	Cross-site Scripting vulnerability in Honeywell Iq3Xcite Firmware 2.31 A cross-site scripting (XSS) vulnerability in the component /test/ of iq3xcite v2.31 to v3.05 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. network low complexity honeywell CWE-79	6.1
2024-05-03	CVE-2023-51600	Unspecified vulnerability in Honeywell Saia PG5 Controls Suite 2.3.193 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. network low complexity honeywell	6.5
2024-05-03	CVE-2023-51601	Unspecified vulnerability in Honeywell Saia PG5 Controls Suite 2.3.193 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. network low complexity honeywell	6.5
2024-05-03	CVE-2023-51602	Unspecified vulnerability in Honeywell Saia PG5 Controls Suite 2.3.193 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. network low complexity honeywell	6.5
2024-05-03	CVE-2023-51604	Unspecified vulnerability in Honeywell Saia PG5 Controls Suite 2.3.193 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. network low complexity honeywell	6.5
2024-05-03	CVE-2023-51605	Unspecified vulnerability in Honeywell Saia PG5 Controls Suite 2.3.193 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. network low complexity honeywell	6.5
2024-01-31	CVE-2023-5390	Path Traversal vulnerability in Honeywell products An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. network low complexity honeywell CWE-22	5.3
2023-05-30	CVE-2022-43485	Use of Insufficiently Random Values vulnerability in Honeywell Onewireless Network Wireless Device Manager Firmware R322.1 Use of Insufficiently Random Values in Honeywell OneWireless. network low complexity honeywell CWE-330	6.5
2023-05-30	CVE-2022-46361	OS Command Injection vulnerability in Honeywell Onewireless Network Wireless Device Manager Firmware R322.1 An attacker having physical access to WDM can plug USB device to gain access and execute unwanted commands. low complexity honeywell CWE-78	6.8
2022-09-07	CVE-2022-30312	Cleartext Transmission of Sensitive Information vulnerability in Honeywell products The Trend Controls IC protocol through 2022-05-06 allows Cleartext Transmission of Sensitive Information. low complexity honeywell CWE-319	6.5