VYPR

OneWireless WDM

by Honeywell

CVEs (7)

  • CVE-2025-2523CriJul 10, 2025
    risk 0.61cvss 9.4epss 0.01

    The Honeywell Experion PKS and OneWireless WDM contains an Integer Underflow vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in a…

  • CVE-2025-2521HigJul 10, 2025
    risk 0.56cvss 8.6epss 0.00

    The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to an Overread Buffers, which could result in improper index validation against…

  • CVE-2025-3946HigJul 10, 2025
    risk 0.53cvss 8.2epss 0.00

    The Honeywell Experion PKS and OneWireless WDM contains a Deployment of Wrong Handler vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in…

  • CVE-2022-46361MedMay 30, 2023
    risk 0.45cvss 6.9epss 0.00

    An attacker having physical access to WDM can plug USB device to gain access and execute unwanted commands. A malicious user could enter a system command along with a backup configuration, which could result in the execution of unwanted commands. This issue affects OneWireless…

  • CVE-2025-2522MedJul 10, 2025
    risk 0.42cvss 6.5epss 0.00

    The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result…

  • CVE-2022-4240MedMay 30, 2023
    risk 0.42cvss 6.5epss 0.01

    Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows Authentication Bypass. This issue affects OneWireless version 322.1

  • CVE-2022-43485MedMay 30, 2023
    risk 0.40cvss 6.2epss 0.00

    Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in client's JWT token. This issue affects OneWireless version 322.1