Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
honeywell vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2333
If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions.
Honeywell Softmaster 4.51
1 Github repository
570
VMScore
CVE-2020-6972
In Notifier Web Server (NWS) Version 3.50 and previous versions, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.
Honeywell Notifier Webserver
NA
CVE-2022-30245
Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configurat...
Honeywell Alerton Compass 1.6.5
801
VMScore
CVE-2022-1261
Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges.
Honeywell Matrikon Opc Server
445
VMScore
CVE-2020-27274
Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions before 6.3.0.8233).
Honeywell Opc Ua Tunneller
668
VMScore
CVE-2020-27297
The affected product is vulnerable to a heap-based buffer overflow, which may allow an malicious user to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions before 6.3.0.8233).
Honeywell Opc Ua Tunneller
570
VMScore
CVE-2020-27299
The affected product is vulnerable to an out-of-bounds read, which may allow an malicious user to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions before 6.3.0.8233).
Honeywell Opc Ua Tunneller
445
VMScore
CVE-2020-27295
The affected product has uncontrolled resource consumption issues, which may allow an malicious user to cause a denial-of-service condition on the OPC UA Tunneller (versions before 6.3.0.8233).
Honeywell Opc Ua Tunneller
828
VMScore
CVE-2011-0331
Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 780.0.20.5 allows remote malicious users to execute arbitrary code via a crafted HTML document.
Honeywell Scanserver Activex Control 780.0.20.5
668
VMScore
CVE-2014-5435
An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommen...
Honeywell Experion Process Knowledge System
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »