Filtered by vendor Honeywell
Subscribe
Total
97 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30244 | 1 Honeywell | 2 Alerton Ascent Control Module, Alerton Ascent Control Module Firmware | 2024-11-21 | N/A | 8.0 HIGH |
| Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller's function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. | |||||
| CVE-2022-30243 | 1 Honeywell | 2 Alterton Visual Logic, Alterton Visual Logic Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller's function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. | |||||
| CVE-2022-30242 | 1 Honeywell | 2 Alerton Ascent Control Module, Alerton Ascent Control Module Firmware | 2024-11-21 | N/A | 6.8 MEDIUM |
| Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller's function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered. | |||||
| CVE-2022-2333 | 1 Honeywell | 1 Softmaster | 2024-11-21 | N/A | 8.8 HIGH |
| If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions. | |||||
| CVE-2022-2332 | 1 Honeywell | 1 Softmaster | 2024-11-21 | N/A | 6.2 MEDIUM |
| A local unprivileged attacker may escalate to administrator privileges in Honeywell SoftMaster version 4.51, due to insecure permission assignment. | |||||
| CVE-2022-1261 | 1 Honeywell | 1 Matrikon Opc Server | 2024-11-21 | 9.0 HIGH | 5.8 MEDIUM |
| Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges. | |||||
| CVE-2021-39364 | 1 Honeywell | 4 Hbw2per1, Hbw2per1 Firmware, Hdzp252di and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for camera control) after ARP cache poisoning has been achieved. | |||||
| CVE-2021-39363 | 1 Honeywell | 4 Hbw2per1, Hbw2per1 Firmware, Hdzp252di and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved. | |||||
| CVE-2021-38399 | 1 Honeywell | 8 Application Control Environment, Application Control Environment Firmware, C200 and 5 more | 2024-11-21 | N/A | 7.5 HIGH |
| Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories. | |||||
| CVE-2021-38397 | 1 Honeywell | 8 Application Control Environment, Application Control Environment Firmware, C200 and 5 more | 2024-11-21 | N/A | 10.0 CRITICAL |
| Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. | |||||
| CVE-2021-38395 | 1 Honeywell | 8 Application Control Environment, Application Control Environment Firmware, C200 and 5 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. | |||||
| CVE-2020-7005 | 1 Honeywell | 1 Win-pak | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2020-6982 | 1 Honeywell | 1 Win-pak | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution. | |||||
| CVE-2020-6978 | 1 Honeywell | 1 Win-pak | 2024-11-21 | 6.4 MEDIUM | 7.2 HIGH |
| In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries. | |||||
| CVE-2020-6974 | 1 Honeywell | 1 Notifier Webserver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem. | |||||
| CVE-2020-6972 | 1 Honeywell | 1 Notifier Webserver | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser. | |||||
| CVE-2020-6968 | 1 Honeywell | 2 Inncom Inncontrol, Inncom Inncontrol Firmware | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files. | |||||
| CVE-2020-6960 | 1 Honeywell | 12 Hnmswvms, Hnmswvms Firmware, Hnmswvmslt and 9 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch contain an SQL injection vulnerability that could give an attacker remote unauthenticated access to the web user interface with administrator-level privileges. | |||||
| CVE-2020-6959 | 1 Honeywell | 12 Hnmswvms, Hnmswvms Firmware, Hnmswvmslt and 9 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch are vulnerable to an unsafe deserialization of untrusted data. An attacker may be able to remotely modify deserialized data without authentication using a specially crafted web request, resulting in remote code execution. | |||||
| CVE-2020-27299 | 1 Honeywell | 1 Opc Ua Tunneller | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233). | |||||