Vulnerabilities in Honeywell
70 resultsCVE-2023-3710CRITICALPrinter web page invalid command executionEPSS 33.1%CVE-2025-2605CRITICALAuthenticated command injectionEPSS 9.4%CVE-2026-3611CRITICALHoneywell IQ4x BMS Controller Missing authentication for critical functionEPSS 5.6%CVE-2014-9189—Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior tEPSS 5.2%CVE-2014-9186—A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x befEPSS 3.6%CVE-2014-9187—Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410EPSS 3.6%CVE-2014-5435—An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6EPSS 3.5%CVE-2014-5436—A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43EPSS 3.1%CVE-2019-13523—In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to EPSS 1.8%CVE-2023-51603HIGHHoneywell Saia PG5 Controls Suite CAB File Parsing Directory Traversal Remote Code Execution VulnerabilityEPSS 1.6%CVE-2023-51599HIGHHoneywell Saia PG5 Controls Suite Directory Traversal Remote Code Execution VulnerabilityEPSS 1.6%CVE-2020-6972—In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay atEPSS 1.3%CVE-2024-1309MEDIUMResource Consumption Identified in NTP before 4.2.4p8 and 4.2.5EPSS 1.0%CVE-2022-2333HIGHHoneywell SoftMaster Uncontrolled Search Path ElementEPSS 1.0%CVE-2023-5878CRITICALOneWireless command injection possible when updating firmwareEPSS 0.9%CVE-2021-38397CRITICALHoneywell Experion PKS and ACE Controllers Unrestricted Upload of File with Dangerous TypeEPSS 0.9%CVE-2023-3711MEDIUMPotential Predictable Session IDEPSS 0.9%CVE-2021-38395CRITICALHoneywell Experion PKS and ACE Controllers InjectionEPSS 0.9%CVE-2026-1670CRITICALHoneywell CCTV Products Missing Authentication for Critical FunctionEPSS 0.8%CVE-2018-14825—On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OEPSS 0.8%