Honeywell: All CVEs

109 total · sorted by risk
  • CVE-2023-24480 · Jul 13, 2023
    risk 0.00 · cvss · epss 0.01

    Controller DoS due to stack overflow when decoding a message from the server. See Honeywell Security Notification for recommendations on upgrading and versioning.

  • CVE-2023-24474 · Jul 13, 2023
    risk 0.00 · cvss · epss 0.01

    Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message

  • CVE-2023-23585 · Jul 13, 2023
    risk 0.00 · cvss · epss 0.01

    Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. See Honeywell Security Notification for recommendations on upgrading and versioning.

  • CVE-2023-22435 · Jul 13, 2023
    risk 0.00 · cvss · epss 0.01

    Experion server may experience a DoS due to a stack overflow when handling a specially crafted message.

  • CVE-2022-46361 · May 30, 2023
    risk 0.00 · cvss · epss 0.00

    An attacker having physical access to WDM can plug USB device to gain access and execute unwanted commands. A malicious user could enter a system command along with a backup configuration, which could result in the execution of unwanted commands. This issue affects OneWireless…

  • CVE-2022-43485 · May 30, 2023
    risk 0.00 · cvss · epss 0.00

    Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in client's JWT token. This issue affects OneWireless version 322.1

  • CVE-2022-4240 · May 30, 2023
    risk 0.00 · cvss · epss 0.01

    Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows Authentication Bypass. This issue affects OneWireless version 322.1

  • CVE-2021-38397 · Oct 28, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.

  • CVE-2021-38395 · Oct 28, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.

  • CVE-2021-38399 · Oct 28, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories.

  • CVE-2022-2332 · Sep 16, 2022
    risk 0.00 · cvss · epss 0.00

    A local unprivileged attacker may escalate to administrator privileges in Honeywell SoftMaster version 4.51, due to insecure permission assignment.

  • CVE-2022-2333 · Sep 16, 2022
    risk 0.00 · cvss · epss 0.01

    If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions.

  • CVE-2022-30318 · Aug 31, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate…

  • CVE-2022-30317 · Aug 31, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access (CDA) EpicMo protocol with unauthenticated functionality issue. The affected components are…

  • CVE-2022-30313 · Jul 28, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0051, there is a Honeywell Experion PKS Safety Manager multiple proprietary protocols with unauthenticated functionality issue. The affected…

  • CVE-2022-30314 · Jul 28, 2022
    risk 0.00 · cvss · epss 0.00

    Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate…

  • CVE-2022-30315 · Jul 28, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0053, there is a Honeywell Experion PKS Safety Manager insufficient logic security controls issue. The affected components are…

  • CVE-2022-30316 · Jul 28, 2022
    risk 0.00 · cvss · epss 0.00

    Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update…

  • CVE-2022-30245 · Jul 15, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller…

  • CVE-2022-30244 · Jul 15, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change…

  • CVE-2022-30243 · Jul 15, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the…

  • CVE-2022-30242 · Jul 15, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change…

  • CVE-2022-1261 · May 26, 2022
    risk 0.00 · cvss · epss 0.01

    Matrikon, a subsidiary of Honeywell: Matrikon OPC Server (all versions) is vulnerable to a condition where a low-privileged user who is allowed to connect to the OPC server can use the functions of IPersistFile to execute operating system processes with system-level privileges.

  • CVE-2021-39363 · Feb 24, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved.

  • CVE-2021-39364 · Feb 24, 2022
    risk 0.00 · cvss · epss 0.01

    Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for camera control) after ARP cache poisoning has been achieved.

  • CVE-2020-25189 · Nov 21, 2020
    risk 0.00 · cvss · epss 0.03

    The affected product is vulnerable to three stack-based buffer overflows, which may allow an unauthenticated attacker to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09).

  • CVE-2020-6974 · Apr 7, 2020
    risk 0.00 · cvss · epss 0.02

    Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem.

  • CVE-2020-6978 · Mar 24, 2020
    risk 0.00 · cvss · epss 0.01

    In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries.

  • CVE-2020-6982 · Mar 24, 2020
    risk 0.00 · cvss · epss 0.01

    In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution.

  • CVE-2020-7005 · Mar 24, 2020
    risk 0.00 · cvss · epss 0.01

    In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code.

  • CVE-2020-6972 · Mar 24, 2020
    risk 0.00 · cvss · epss 0.01

    In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.

  • CVE-2020-6968 · Feb 20, 2020
    risk 0.00 · cvss · epss 0.00

    Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files.

  • CVE-2020-6960 · Jan 22, 2020
    risk 0.00 · cvss · epss 0.01

    The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6…

  • CVE-2019-18226 · Oct 31, 2019
    risk 0.00 · cvss · epss 0.01

    Honeywell equIP series and Performance series IP cameras and recorders: a vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability, as a weak authentication method is retained for compatibility with legacy products.

  • CVE-2019-18230 · Oct 31, 2019
    risk 0.00 · cvss · epss 0.01

    Honeywell equIP and Performance series IP cameras, multiple versions: a vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP.

  • CVE-2019-18228 · Oct 31, 2019
    risk 0.00 · cvss · epss 0.02

    Honeywell equIP series IP cameras (multiple equIP Series cameras): a vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service.

  • CVE-2019-13523 · Sep 26, 2019
    risk 0.00 · cvss · epss 0.02

    In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without…

  • CVE-2019-14700 · Aug 6, 2019
    risk 0.00 · cvss · epss 0.02

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the filename specified in the TZ parameter is accessed with a substantial delay if…

  • CVE-2019-14701 · Aug 6, 2019
    risk 0.00 · cvss · epss 0.02

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the…

  • CVE-2019-14702 · Aug 6, 2019
    risk 0.00 · cvss · epss 0.02

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. SQL injection vulnerabilities exist in 13 forms that are reachable through HTTPD. An attacker can, for example, create an admin account.

  • CVE-2019-14703 · Aug 6, 2019
    risk 0.00 · cvss · epss 0.01

    A CSRF issue was discovered in webparam?user&action=set&param=add in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 to create an admin account.

  • CVE-2019-14704 · Aug 6, 2019
    risk 0.00 · cvss · epss 0.02

    An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field.

  • CVE-2019-14705 · Aug 6, 2019
    risk 0.00 · cvss · epss 0.02

    An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin.

  • CVE-2019-14706 · Aug 6, 2019
    risk 0.00 · cvss · epss 0.02

    A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not…

  • CVE-2019-14707 · Aug 6, 2019
    risk 0.00 · cvss · epss 0.03

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The firmware update process is insecure, leading to remote code execution. The attacker can provide arbitrary firmware in a .dat file via a webparam?system&action=set&upgrade URI.

  • CVE-2019-14709 · Aug 6, 2019
    risk 0.00 · cvss · epss 0.02

    A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further…

  • CVE-2014-5435 · Apr 8, 2019
    risk 0.00 · cvss · epss 0.03

    An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and…

  • CVE-2014-5436 · Apr 8, 2019
    risk 0.00 · cvss · epss 0.03

    A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running…

  • CVE-2014-9186 · Apr 8, 2019
    risk 0.00 · cvss · epss 0.04

    A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code…

  • CVE-2014-9187 · Mar 25, 2019
    risk 0.00 · cvss · epss 0.04

    Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly…