| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-6179 | Incorrect Permission assignment to program executable folders | Honeywell | ProWatch | High | 7.8 | 2023-11-17 17:03:33 | Deep Dive |
| CVE-2023-3712 | Potential user privilege escalation | Honeywell | PM23/43 | Medium | 6.6 | 2023-09-12 19:59:00 | Deep Dive |
| CVE-2023-3711 | Potential Predictable Session ID | Honeywell | PM23/43 | Medium | 6.4 | 2023-09-12 19:57:50 | Deep Dive |
| CVE-2023-3710 | Printer web page invalid command execution | Honeywell | PM23/43 | Critical | 9.9 | 2023-09-12 19:55:42 | Deep Dive |
| CVE-2023-25948 | Server Data type confusion - info leak | Honeywell | Experion Server | High | 7.5 | 2023-07-13 11:09:31 | Deep Dive |
| CVE-2023-26597 | Controller DoS on sending error response | Honeywell | C300 | High | 7.5 | 2023-07-13 11:04:55 | Deep Dive |
| CVE-2023-25770 | Controller stack overflow on decoding messages from the server | Honeywell | C300 | Critical | 9.8 | 2023-07-13 10:59:59 | Deep Dive |
| CVE-2023-25178 | Controller design flaw - unsigned firmware | Honeywell | C300 | Critical | 9.8 | 2023-07-13 10:59:16 | Deep Dive |
| CVE-2023-25078 | DoS due to heap overflow | Honeywell | Experion Server | Critical | 9.8 | 2023-07-13 10:58:34 | Deep Dive |
| CVE-2023-24480 | Controller stack overflow when decoding messages from the server | Honeywell | C300 | Critical | 9.8 | 2023-07-13 10:57:47 | Deep Dive |
| CVE-2023-24474 | Server deserialization missing boundary checks - heap overflow in communication between server and controller | Honeywell | Experion Server | High | 7.5 | 2023-07-13 10:56:02 | Deep Dive |
| CVE-2023-23585 | Server DoS due to heap overflow | Honeywell | Experion Server | Critical | 9.8 | 2023-07-13 10:55:00 | Deep Dive |
| CVE-2023-22435 | Server bad parsing implementation - stack overflow in server::get_db_path_for_driver | Honeywell | Experion Server | High | 7.5 | 2023-07-13 10:53:45 | Deep Dive |
| CVE-2022-46361 | Physical access to the WDM enables use of USB device to gain access to the WDM | Honeywell | OneWireless | Medium | 6.9 | 2023-05-30 16:21:37 | Deep Dive |
| CVE-2022-43485 | Insecure random number used for generating keys for signing JWT tokens | Honeywell | OneWireless | Medium | 6.2 | 2023-05-30 16:19:24 | Deep Dive |
| CVE-2022-4240 | Unauthenticated API allowing an attacker to obtain the information about network resources | Honeywell | OneWireless | Medium | 6.5 | 2023-05-30 16:15:51 | Deep Dive |
| CVE-2021-38397 | Honeywell Experion PKS and ACE Controllers Unrestricted Upload of File with Dangerous Type | Honeywell | Experion PKS | Critical | 10.0 | 2022-10-28 01:21:36 | Deep Dive |
| CVE-2021-38395 | Honeywell Experion PKS and ACE Controllers Injection | Honeywell | Experion PKS | Critical | 9.1 | 2022-10-28 01:20:24 | Deep Dive |
| CVE-2021-38399 | Honeywell Experion PKS and ACE Controllers Relative Path Traversal | Honeywell | Experion PKS | High | 7.5 | 2022-10-28 01:19:03 | Deep Dive |
| CVE-2022-2332 | Honeywell SoftMaster Incorrect Permission Assignment for Critical Resource | Honeywell | SoftMaster | Medium | 6.2 | 2022-09-16 20:18:46 | Deep Dive |