Skip to main content

Honeywell

68 CVEs product

Monthly

CVE-2026-13742 MEDIUM This Month

Honeywell IQ MultiAccess physical access control software, all versions through V28, improperly verifies digital signatures on downloaded files due to a time-of-check/time-of-use (TOCTOU) race condition, allowing a local low-privileged attacker to replace a legitimately verified file with a malicious one in the window between signature check and file consumption. Successful exploitation yields high integrity and availability impact on the vulnerable system, as the replaced file may execute attacker-controlled code or corrupt system components. No public exploit identified at time of analysis; Honeywell has released patches V27 SP1 and V28 SP1.

Honeywell Information Disclosure Iq Multiaccess
NVD
CVSS 4.0
5.9
EPSS
0.1%
CVE-2026-5434 MEDIUM PATCH This Month

Sensitive information disclosure in Honeywell Control Network Module (CNM) versions 100.1 through 110.2 allows unauthenticated remote attackers to access protected data by probing system file paths that inadvertently receive sensitive writes. The root cause is CWE-538, where the module incorrectly routes sensitive information into directories accessible outside the intended trust boundary. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog; however, its presence in an industrial control system network component elevates the operational consequence of any successful confidentiality breach.

Information Disclosure Honeywell
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-5433 CRITICAL PATCH Act Now

Remote code execution in Honeywell Control Network Module (CNM) versions 100.1 through 110.2 allows authenticated high-privilege attackers to inject arbitrary OS commands through the device's web interface using command delimiters. The flaw carries a CVSS 9.1 rating due to scope change and full CIA impact, and no public exploit identified at time of analysis, though the industrial-control context makes any RCE highly consequential. Honeywell has released a patch via its process.honeywell.com portal.

Honeywell RCE Command Injection
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2026-4272 HIGH This Week

Remote unauthenticated command execution in Honeywell Handheld Scanner base stations (C1/D1/A1/B1 models) allows attackers within Bluetooth range to execute system commands on connected host systems without authentication. Affects C1 Base (Ingenic x1000) before GK000432BAA, D1 Base (Ingenic x1600) before HE000085BAA, and A1/B1 Base (IMX25) before BK000763BAA/BK000765BAA/CU000101BAA. CVSS 8.1 (High) reflects high confidentiality and integrity impact with network attack vector requiring user interaction. No public exploit identified at time of analysis, though the missing authentication (CWE-306) combined with proximity-based Bluetooth attack vector creates significant risk for environments using these industrial scanning devices.

Honeywell Authentication Bypass
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-3611 CRITICAL Act Now

Unauthenticated access to Honeywell IQ4x building controller HMI. CVSS 10.0.

Authentication Bypass Honeywell
NVD GitHub VulDB
CVSS 4.0
10.0
EPSS
0.1%
CVE-2025-2523 CRITICAL Act Now

A remote code execution vulnerability in Honeywell Experion PKS and OneWireless WDM (CVSS 9.4). Critical severity with potential for significant impact on affected systems.

Honeywell RCE Integer Overflow SCADA Industrial
NVD
CVSS 3.1
9.4
EPSS
0.4%
CVE-2025-2521 HIGH This Week

A remote code execution vulnerability in Honeywell Experion PKS and OneWireless WDM (CVSS 8.6). High severity vulnerability requiring prompt remediation.

RCE Buffer Overflow Honeywell Memory Corruption Information Disclosure
NVD
CVSS 3.1
8.6
EPSS
0.4%
CVE-2025-2520 HIGH This Week

CVE-2025-2520 is an uninitialized variable vulnerability in Honeywell Experion PKS's Epic Platform Analyzer (EPA) communications module that enables remote attackers to manipulate communication channels and trigger pointer dereference errors, resulting in denial of service. The vulnerability affects multiple Experion PKS product lines across versions 520.1-520.2 TCU9 and 530-530 TCU3, with a CVSS score of 7.5 indicating high availability impact. No evidence of active exploitation (KEV status) or public POC availability is indicated; however, the network-accessible attack vector and lack of authentication requirements elevate real-world risk for critical industrial control environments.

Denial Of Service Honeywell Null Pointer Dereference
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-2605 CRITICAL Act Now

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse.04 before V12.53 and MB-Secure PRO from V01.06. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Honeywell Mb Secure Firmware Mb Secure Pro Firmware
NVD
CVSS 3.1
9.9
EPSS
0.8%
CVE-2023-5878 CRITICAL Act Now

Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Honeywell
NVD
CVSS 4.0
9.4
EPSS
0.3%
CVE-2024-6620 LOW Monitor

Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site scripting vulnerability. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Honeywell
NVD
CVSS 3.1
3.5
EPSS
0.3%
CVE-2024-1309 HIGH This Week

Uncontrolled Resource Consumption vulnerability in Honeywell Niagara Framework on Windows, Linux, QNX allows Content Spoofing.8.1, before Niagara 4.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Denial Of Service Microsoft Niagara Framework
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-6179 HIGH This Week

Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Honeywell Prowatch
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-3712 HIGH This Week

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.19.050004. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Privilege Escalation Honeywell Pm43 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-3711 HIGH This Week

Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.19.050004. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Honeywell Pm43 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-3710 CRITICAL POC THREAT Act Now

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.19.050004. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Command Injection Pm43 Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
33.1%
CVE-2023-26597 HIGH This Week

Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Honeywell C300 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-25948 HIGH This Week

Server information leak of configuration data when an error is generated in response to a specially crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Honeywell Experion Server Experion Station Engineering Station +1
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-25770 HIGH This Week

Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Honeywell Deserialization C300 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-25178 CRITICAL Act Now

Controller may be loaded with malicious firmware which could enable remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell C300 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-25078 HIGH This Week

Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Honeywell Experion Server Experion Station +2
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-24480 HIGH This Week

Controller DoS due to stack overflow when decoding a message from the server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Honeywell C300 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-23585 HIGH This Week

Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Honeywell Experion Server Experion Station +2
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-2333 HIGH This Week

If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Softmaster
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-2332 HIGH This Week

A local unprivileged attacker may escalate to administrator privileges in Honeywell SoftMaster version 4.51, due to insecure permission assignment. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Honeywell Privilege Escalation Softmaster
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-30318 CRITICAL Act Now

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Authentication Bypass Honeywell Denial Of Service Controledge Plc Firmware +1
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-30317 CRITICAL Act Now

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Denial Of Service Experion Lx Firmware
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2022-30316 MEDIUM This Month

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Denial Of Service Safety Manager Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2022-30315 CRITICAL Act Now

Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient Verification of Data Authenticity. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Denial Of Service Safety Manager Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-30314 MEDIUM This Month

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Safety Manager Firmware
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2022-30313 HIGH This Week

Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Safety Manager Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-30245 MEDIUM This Month

Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alerton Compass
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-30244 HIGH This Week

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alerton Ascent Control Module Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
1.4%
CVE-2022-30243 HIGH This Week

Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alterton Visual Logic Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.7%
CVE-2022-30242 MEDIUM This Month

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alerton Ascent Control Module Firmware
NVD GitHub
CVSS 3.1
6.8
EPSS
1.2%
CVE-2022-1261 HIGH This Week

Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Matrikon Opc Server
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2020-6974 CRITICAL Act Now

Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Path Traversal Notifier Webserver
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2020-6982 HIGH This Week

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Win Pak
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-6978 HIGH This Week

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Win Pak
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2020-7005 HIGH This Week

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell RCE CSRF Win Pak
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-6972 CRITICAL Act Now

In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Notifier Webserver
NVD
CVSS 3.1
9.1
EPSS
1.3%
CVE-2020-6968 HIGH This Week

Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Honeywell Privilege Escalation Inncom Inncontrol Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-18230 HIGH This Week

Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell H4D8Pr1 Firmware Hfd5Pr1 Firmware Hpw2P1 Firmware +45
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-18228 HIGH This Week

Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Denial Of Service H2W2Pc1M Firmware H2W2Per3 Firmware H2W4Per3 Firmware +22
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2019-18226 CRITICAL Act Now

Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure H2W2Pc1M Firmware H2W2Per3 Firmware H2W4Per3 Firmware +61
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-13523 MEDIUM This Month

In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Hbd3Pr2 Firmware H4D3Prv3 Firmware Hed3Pr3 Firmware +56
NVD
CVSS 3.1
5.3
EPSS
1.8%
CVE-2018-14825 MEDIUM This Month

On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OS 6.0, CN75 running Android OS 6.0, CN75e running Android. Rated medium severity (CVSS 5.8), this vulnerability is no authentication required. No vendor patch available.

Google Privilege Escalation Honeywell Cn80 Ct40 +12
NVD
CVSS 3.0
5.8
EPSS
0.8%
CVE-2018-8714 MEDIUM This Month

Honeywell MatrikonOPC OPC Controller before 5.1.0.0 allows local users to transfer arbitrary files from a host computer and consequently obtain sensitive information via vectors related to MSXML. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Honeywell Matrikonopc Explorer
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2017-14263 HIGH Act Now

Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 24.4% and no vendor patch available.

Session Fixation Honeywell Information Disclosure Enterprise Dvr Firmware Maxpro Nvr Hybrid Se Firmware +5
NVD GitHub
CVSS 3.0
8.1
EPSS
24.4%
CVE-2017-5671 HIGH POC This Week

Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account,. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Honeywell Privilege Escalation Intermec Pc23 Firmware Intermec Pc42 Firmware Intermec Pc43 Firmware +4
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-5143 HIGH This Week

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Honeywell Xl Web Ii Controller
NVD
CVSS 3.0
8.6
EPSS
3.2%
CVE-2017-5142 CRITICAL Act Now

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Privilege Escalation Xl Web Ii Controller
NVD
CVSS 3.0
9.1
EPSS
0.3%
CVE-2017-5141 MEDIUM This Month

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Session Fixation Honeywell Information Disclosure Xl Web Ii Controller
NVD
CVSS 3.0
6.0
EPSS
0.5%
CVE-2017-5140 CRITICAL Act Now

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Xl Web Ii Controller
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-5139 CRITICAL Act Now

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Xl Web Ii Controller
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2016-8344 LOW Monitor

An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Honeywell Information Disclosure Experion Process Knowledge System
NVD
CVSS 3.0
3.7
EPSS
0.9%
CVE-2016-2280 HIGH This Week

Buffer overflow in RDISERVER in Honeywell Uniformance Process History Database (PHD) R310, R320, and R321 allows remote attackers to cause a denial of service (service outage) via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Honeywell Uniformance Process History Database
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2015-7908 CRITICAL Act Now

Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allow remote attackers to discover cleartext passwords by sniffing the network. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Honeywell Midas Firmware Midas Black Firmware
NVD
CVSS 2.0
9.3
EPSS
0.3%
CVE-2015-7907 HIGH This Week

Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Honeywell Midas Black Firmware Midas Firmware
NVD
CVSS 3.0
8.6
EPSS
0.3%
CVE-2015-3974 CRITICAL Act Now

EasyIO EasyIO-30P-SF controllers with firmware before 0.5.21 and 2.x before 2.0.5.21, as used in Accutrol, Bar-Tech Automation, Infocon/EasyIO, Honeywell Automation India, Johnson Controls,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Easyio 30P Sf Firmware Easyio 30P Sf
NVD
CVSS 2.0
9.0
EPSS
0.7%
CVE-2015-2848 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Honeywell Tuxedo Touch
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-2847 MEDIUM This Month

Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Tuxedo Touch
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-0984 CRITICAL POC Act Now

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Honeywell Excel Web Xl 1000C100 104 I O Excel Web Xl 1000C1000 600 I O Excel Web Xl 1000C1000 600 I O Uukl +5
NVD
CVSS 2.0
10.0
EPSS
0.8%
CVE-2014-8269 HIGH Act Now

Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.1% and no vendor patch available.

RCE Buffer Overflow Honeywell Opos Suite
NVD
CVSS 2.0
7.5
EPSS
17.1%
CVE-2014-3110 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Honeywell Falcon Xlweb Linux Controller Falcon Xlweb Xlwebexe
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
2.4%
CVE-2014-2717 HIGH This Week

Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Honeywell Authentication Bypass Falcon Xlweb Linux Controller Falcon Xlweb Xlwebexe
NVD
CVSS 2.0
7.6
EPSS
0.4%
CVE-2013-0108 MEDIUM POC THREAT This Month

An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 61.4%.

Honeywell Code Injection RCE Enterprise Buildings Integrator Symmetre +1
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
61.4%
Threat
4.7
CVE-2012-0254 HIGH This Week

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Honeywell RCE Enterprise Building Manager +2
NVD
CVSS 2.0
7.5
EPSS
2.6%
EPSS 0% CVSS 5.9
MEDIUM This Month

Honeywell IQ MultiAccess physical access control software, all versions through V28, improperly verifies digital signatures on downloaded files due to a time-of-check/time-of-use (TOCTOU) race condition, allowing a local low-privileged attacker to replace a legitimately verified file with a malicious one in the window between signature check and file consumption. Successful exploitation yields high integrity and availability impact on the vulnerable system, as the replaced file may execute attacker-controlled code or corrupt system components. No public exploit identified at time of analysis; Honeywell has released patches V27 SP1 and V28 SP1.

Honeywell Information Disclosure Iq Multiaccess
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Sensitive information disclosure in Honeywell Control Network Module (CNM) versions 100.1 through 110.2 allows unauthenticated remote attackers to access protected data by probing system file paths that inadvertently receive sensitive writes. The root cause is CWE-538, where the module incorrectly routes sensitive information into directories accessible outside the intended trust boundary. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog; however, its presence in an industrial control system network component elevates the operational consequence of any successful confidentiality breach.

Information Disclosure Honeywell
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Remote code execution in Honeywell Control Network Module (CNM) versions 100.1 through 110.2 allows authenticated high-privilege attackers to inject arbitrary OS commands through the device's web interface using command delimiters. The flaw carries a CVSS 9.1 rating due to scope change and full CIA impact, and no public exploit identified at time of analysis, though the industrial-control context makes any RCE highly consequential. Honeywell has released a patch via its process.honeywell.com portal.

Honeywell RCE Command Injection
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Remote unauthenticated command execution in Honeywell Handheld Scanner base stations (C1/D1/A1/B1 models) allows attackers within Bluetooth range to execute system commands on connected host systems without authentication. Affects C1 Base (Ingenic x1000) before GK000432BAA, D1 Base (Ingenic x1600) before HE000085BAA, and A1/B1 Base (IMX25) before BK000763BAA/BK000765BAA/CU000101BAA. CVSS 8.1 (High) reflects high confidentiality and integrity impact with network attack vector requiring user interaction. No public exploit identified at time of analysis, though the missing authentication (CWE-306) combined with proximity-based Bluetooth attack vector creates significant risk for environments using these industrial scanning devices.

Honeywell Authentication Bypass
NVD
EPSS 0% CVSS 10.0
CRITICAL Act Now

Unauthenticated access to Honeywell IQ4x building controller HMI. CVSS 10.0.

Authentication Bypass Honeywell
NVD GitHub VulDB
EPSS 0% CVSS 9.4
CRITICAL Act Now

A remote code execution vulnerability in Honeywell Experion PKS and OneWireless WDM (CVSS 9.4). Critical severity with potential for significant impact on affected systems.

Honeywell RCE Integer Overflow +2
NVD
EPSS 0% CVSS 8.6
HIGH This Week

A remote code execution vulnerability in Honeywell Experion PKS and OneWireless WDM (CVSS 8.6). High severity vulnerability requiring prompt remediation.

RCE Buffer Overflow Honeywell +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

CVE-2025-2520 is an uninitialized variable vulnerability in Honeywell Experion PKS's Epic Platform Analyzer (EPA) communications module that enables remote attackers to manipulate communication channels and trigger pointer dereference errors, resulting in denial of service. The vulnerability affects multiple Experion PKS product lines across versions 520.1-520.2 TCU9 and 530-530 TCU3, with a CVSS score of 7.5 indicating high availability impact. No evidence of active exploitation (KEV status) or public POC availability is indicated; however, the network-accessible attack vector and lack of authentication requirements elevate real-world risk for critical industrial control environments.

Denial Of Service Honeywell Null Pointer Dereference
NVD
EPSS 1% CVSS 9.9
CRITICAL Act Now

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse.04 before V12.53 and MB-Secure PRO from V01.06. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Honeywell Mb Secure Firmware +1
NVD
EPSS 0% CVSS 9.4
CRITICAL Act Now

Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Honeywell
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site scripting vulnerability. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Honeywell
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Uncontrolled Resource Consumption vulnerability in Honeywell Niagara Framework on Windows, Linux, QNX allows Content Spoofing.8.1, before Niagara 4.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Denial Of Service Microsoft +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Honeywell Prowatch
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.19.050004. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Privilege Escalation +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.19.050004. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Honeywell +1
NVD
EPSS 33% CVSS 9.8
CRITICAL POC THREAT Act Now

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.19.050004. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Command Injection Pm43 Firmware
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH This Week

Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Honeywell +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Server information leak of configuration data when an error is generated in response to a specially crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Honeywell Experion Server +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Honeywell Deserialization +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Controller may be loaded with malicious firmware which could enable remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell C300 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Honeywell +4
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Controller DoS due to stack overflow when decoding a message from the server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Honeywell C300 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Honeywell +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Softmaster
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A local unprivileged attacker may escalate to administrator privileges in Honeywell SoftMaster version 4.51, due to insecure permission assignment. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Honeywell Privilege Escalation Softmaster
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Authentication Bypass Honeywell +3
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Denial Of Service +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Denial Of Service +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient Verification of Data Authenticity. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Denial Of Service +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Safety Manager Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Safety Manager Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alerton Compass
NVD GitHub
EPSS 1% CVSS 8.0
HIGH This Week

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alerton Ascent Control Module Firmware
NVD GitHub
EPSS 2% CVSS 8.8
HIGH This Week

Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alterton Visual Logic Firmware
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM This Month

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Alerton Ascent Control Module Firmware
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell Matrikon Opc Server
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Path Traversal Notifier Webserver
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Win Pak
NVD
EPSS 1% CVSS 7.2
HIGH This Week

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Win Pak
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell RCE CSRF +1
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Notifier Webserver
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Honeywell Privilege Escalation Inncom Inncontrol Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell H4D8Pr1 Firmware +47
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Denial Of Service H2W2Pc1M Firmware +24
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure H2W2Pc1M Firmware +63
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Hbd3Pr2 Firmware +58
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OS 6.0, CN75 running Android OS 6.0, CN75e running Android. Rated medium severity (CVSS 5.8), this vulnerability is no authentication required. No vendor patch available.

Google Privilege Escalation Honeywell +14
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Honeywell MatrikonOPC OPC Controller before 5.1.0.0 allows local users to transfer arbitrary files from a host computer and consequently obtain sensitive information via vectors related to MSXML. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Honeywell Matrikonopc Explorer
NVD
EPSS 24% CVSS 8.1
HIGH Act Now

Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 24.4% and no vendor patch available.

Session Fixation Honeywell Information Disclosure +7
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account,. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Honeywell Privilege Escalation Intermec Pc23 Firmware +6
NVD GitHub Exploit-DB
EPSS 3% CVSS 8.6
HIGH This Week

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Honeywell Xl Web Ii Controller
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Privilege Escalation Xl Web Ii Controller
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Session Fixation Honeywell Information Disclosure +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Xl Web Ii Controller
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Xl Web Ii Controller
NVD
EPSS 1% CVSS 3.7
LOW Monitor

An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Honeywell Information Disclosure Experion Process Knowledge System
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Buffer overflow in RDISERVER in Honeywell Uniformance Process History Database (PHD) R310, R320, and R321 allows remote attackers to cause a denial of service (service outage) via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Honeywell +1
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allow remote attackers to discover cleartext passwords by sniffing the network. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Honeywell Midas Firmware +1
NVD
EPSS 0% CVSS 8.6
HIGH This Week

Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Honeywell Midas Black Firmware +1
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

EasyIO EasyIO-30P-SF controllers with firmware before 0.5.21 and 2.x before 2.0.5.21, as used in Accutrol, Bar-Tech Automation, Infocon/EasyIO, Honeywell Automation India, Johnson Controls,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Easyio 30P Sf Firmware +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Honeywell Tuxedo Touch
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Tuxedo Touch
NVD
EPSS 1% CVSS 10.0
CRITICAL POC Act Now

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Honeywell Excel Web Xl 1000C100 104 I O +7
NVD
EPSS 17% CVSS 7.5
HIGH Act Now

Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.1% and no vendor patch available.

RCE Buffer Overflow Honeywell +1
NVD
EPSS 2% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Honeywell Falcon Xlweb Linux Controller +1
NVD Exploit-DB
EPSS 0% CVSS 7.6
HIGH This Week

Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Honeywell Authentication Bypass Falcon Xlweb Linux Controller +1
NVD
EPSS 61% 4.7 CVSS 6.8
MEDIUM POC THREAT This Month

An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 61.4%.

Honeywell Code Injection RCE +3
NVD Exploit-DB
EPSS 3% CVSS 7.5
HIGH This Week

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Honeywell +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy