Vulnerabilities in Honeywell
70 results

CVE-2023-5390 | MEDIUM | An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and | EPSS 0.6%
CVE-2023-24474 | HIGH | Server deserialization missing boundary checks - heap overflow in communication between server and controller | EPSS 0.6%
CVE-2023-23585 | CRITICAL | Server DoS due to heap overflow | EPSS 0.5%
CVE-2023-25078 | CRITICAL | DoS due to heap overflow | EPSS 0.5%
CVE-2023-26597 | HIGH | Controller DOS on sending error response | EPSS 0.5%
CVE-2023-3712 | MEDIUM | Potential user privilege escalation | EPSS 0.5%
CVE-2022-4240 | MEDIUM | Unauthenticated API allowing an attacker to obtain the information about network resources | EPSS 0.5%
CVE-2023-22435 | HIGH | Server bad parsing implementation - stack overflow in server::get_db_path_for_driver | EPSS 0.5%
CVE-2023-5392 | HIGH | C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. Honeywe | EPSS 0.5%
CVE-2023-25948 | HIGH | Server Data type confusion - info leak | EPSS 0.5%
CVE-2022-43485 | MEDIUM | Insecure random number used for generating keys for signing Jwt tokens | EPSS 0.5%
CVE-2025-3946 | HIGH | Incorrect response generation during FTEB protocol processing | EPSS 0.5%
CVE-2026-4272 | HIGH | CVE-2026-4272 - Bluetooth Remote Execution of System Commands Vulnerability | EPSS 0.5%
CVE-2023-5398 | MEDIUM | Server receiving a malformed message based on a list of IPs resulting in heap corruption causing a denial of service. See Honeywell Security | EPSS 0.4%
CVE-2023-5407 | MEDIUM | Controller denial of service due to improper handling of a specially crafted message received by the controller. See Honeywell Security Not | EPSS 0.4%
CVE-2023-25178 | CRITICAL | Controller design flaw - unsigned firmware | EPSS 0.4%
CVE-2025-2521 | HIGH | Lack of indexes’ validation against buffer borders leads to remote code execution. | EPSS 0.4%
CVE-2023-5405 | MEDIUM | Server information leak for the CDA Server process memory can occur when an error is generated in response to a specially crafted message. S | EPSS 0.4%
CVE-2023-1841 | HIGH | Honeywell MPA2 Web Application XSS vulnerability | EPSS 0.4%
CVE-2025-2520 | HIGH | Dereferencing of an uninitialized pointer leads to denial of service. | EPSS 0.4%