Known Vulnerabilities for C300 Firmware by Honeywell
Listed below are 7 of the newest known vulnerabilities associated with "C300 Firmware" by "Honeywell".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-26597 json | Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-25770 json | Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message. | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-25178 json | Controller may be loaded with malicious firmware which could enable remote code execution | 9.8 - CRITICAL | 2023-07-13 | 2023-07-25 |
| CVE-2023-24480 json | Controller DoS due to stack overflow when decoding a message from the server | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2021-38399 json | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an a... | 7.5 - HIGH | 2022-10-28 | 2022-11-02 |
| CVE-2021-38397 json | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an... | 10 - CRITICAL | 2022-10-28 | 2022-11-02 |
| CVE-2021-38395 json | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements i... | 9.8 - CRITICAL | 2022-10-28 | 2022-11-02 |