Known Vulnerabilities for products from Honeywell
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Honeywell".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Honeywell can be found at device.report : Honeywell
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-4272 json | Not Provided | 2026-04-05 | 2026-04-06 | |
| CVE-2023-26597 json | Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-25948 json | Server information leak of configuration data when an error is generated in response to a specially crafted message. | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-25770 json | Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message. | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-25178 json | Controller may be loaded with malicious firmware which could enable remote code execution | 9.8 - CRITICAL | 2023-07-13 | 2023-07-25 |
| CVE-2023-25078 json | Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a specifi... | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-24480 json | Controller DoS due to stack overflow when decoding a message from the server | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-24474 json | Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-23585 json | Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configur... | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-22435 json | Experion server may experience a DoS due to a stack overflow when handling a specially crafted message. | 7.5 - HIGH | 2023-07-13 | 2023-07-25 |
| CVE-2023-3712 json | Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules)... | 7.8 - HIGH | 2023-09-12 | 2023-09-19 |
| CVE-2023-3711 json | Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsific... | 8.8 - HIGH | 2023-09-12 | 2023-09-19 |
| CVE-2023-3710 json | Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.... | 9.8 - CRITICAL | 2023-09-12 | 2023-09-19 |
| CVE-2023-3243 json | ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash and utilize... | 9.8 - CRITICAL | 2023-06-28 | 2023-11-07 |
| CVE-2022-46361 json | An attacker having physical access to WDM can plug USB device to gain access and execute unwanted commands. A malicious user ... | 6.8 - MEDIUM | 2023-05-30 | 2023-06-06 |
| CVE-2022-43485 json | Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in... | 6.5 - MEDIUM | 2023-05-30 | 2023-06-06 |
| CVE-2022-30320 json | Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. According to FSCT-2022-006... | 4.3 - MEDIUM | 2022-07-28 | 2022-08-10 |
| CVE-2022-30319 json | Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia... | 8.1 - HIGH | 2022-07-28 | 2023-08-08 |
| CVE-2022-30318 json | Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEd... | 9.8 - CRITICAL | 2022-08-31 | 2022-09-07 |
| CVE-2022-30317 json | Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, the... | 9.1 - CRITICAL | 2022-08-31 | 2022-09-09 |
Known software with vulnerabilities from Honeywell
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Honeywell | Comfortpoint Open Manager Station | r100 |
| Hardware | Honeywell | Controledge Plc | - |
| Operating System | Honeywell | Controledge Plc Firmware | r130.2 |
| Hardware | Honeywell | Controledge Rtu | - |
| Operating System | Honeywell | Controledge Rtu Firmware | r101 |
| Application | Honeywell | Enterprise Buildings Integrator | r310 |
| Operating System | Honeywell | Excel Web Xl 1000c1000 600 I/o | 2.04.00 |
| Operating System | Honeywell | Excel Web Xl 1000c1000 600 I/o Uukl | 2.04.00 |
| Operating System | Honeywell | Excel Web Xl 1000c100u 104 I/o Uukl | 2.04.00 |
| Operating System | Honeywell | Excel Web Xl 1000c100 104 I/o | 2.04.00 |
| Operating System | Honeywell | Excel Web Xl 1000c500 300 I/o | 2.04.00 |
| Operating System | Honeywell | Excel Web Xl 1000c500 300 I/o Uukl | 2.04.00 |
| Operating System | Honeywell | Excel Web Xl 1000c50u 52 I/o Uukl | 2.04.00 |
| Operating System | Honeywell | Excel Web Xl 1000c50 52 I/o | 2.04.00 |
| Application | Honeywell | Experion Process Knowledge System | r311.2 |
| Hardware | Honeywell | Falcon Xlweb Linux Controller | 2.04.01 |
| Hardware | Honeywell | Falcon Xlweb Xlwebexe | 2.02.11 |
| Operating System | Honeywell | H2w2gr1 | - |
| Operating System | Honeywell | H2w2gr1 Firmware | - |
| Hardware | Honeywell | H2w2pc1m | - |