Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
honeywell vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-7005
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an malicious user to remotely execute arbitrary code.
Honeywell Win-pak
7.8
CVSSv3
CVE-2022-2333
If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions.
Honeywell Softmaster 4.51
1 Github repository
6.5
CVSSv3
CVE-2022-30245
Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configurat...
Honeywell Alerton Compass 1.6.5
9.1
CVSSv3
CVE-2020-27299
The affected product is vulnerable to an out-of-bounds read, which may allow an malicious user to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions before 6.3.0.8233).
Honeywell Opc Ua Tunneller
7.5
CVSSv3
CVE-2020-27274
Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions before 6.3.0.8233).
Honeywell Opc Ua Tunneller
7.5
CVSSv3
CVE-2020-27295
The affected product has uncontrolled resource consumption issues, which may allow an malicious user to cause a denial-of-service condition on the OPC UA Tunneller (versions before 6.3.0.8233).
Honeywell Opc Ua Tunneller
9.8
CVSSv3
CVE-2020-27297
The affected product is vulnerable to a heap-based buffer overflow, which may allow an malicious user to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions before 6.3.0.8233).
Honeywell Opc Ua Tunneller
8.8
CVSSv3
CVE-2022-1261
Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges.
Honeywell Matrikon Opc Server
9.8
CVSSv3
CVE-2014-9186
A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code execution...
Honeywell Experion Process Knowledge System
9.8
CVSSv3
CVE-2014-9187
Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly en...
Honeywell Experion Process Knowledge System
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »