Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Honeywell — Vulnerabilities & Security Advisories 70

Browse all 70 CVE security advisories affecting Honeywell. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Honeywell operates as a global technology and manufacturing conglomerate, primarily providing industrial automation, building technologies, and performance materials. With seventy recorded Common Vulnerabilities and Exposures (CVEs), its software and connected devices frequently exhibit vulnerabilities related to remote code execution, cross-site scripting, and privilege escalation. These flaws often stem from legacy industrial control systems or web-based management interfaces that lack rigorous input validation or secure authentication mechanisms. Notable security characteristics include the complexity of integrating disparate operational technology with IT networks, which expands the attack surface. While no single catastrophic incident dominates the public record comparable to major ransomware events, the cumulative risk involves potential disruption to critical infrastructure and building management systems. The company continues to address these technical debt issues through firmware updates and enhanced security protocols, though the historical prevalence of these vulnerability classes highlights ongoing challenges in securing legacy industrial environments against modern cyber threats.

Top products by Honeywell: Experion Server Experion PKS Saia PG5 Controls Suite C300 C300 PCNT02 OneWireless PM23/43 WIN-PACK PRO SoftMaster ControlEdge UOC Niagara Framework Barcode Scanners IQ4E I-HIB2PI-UL 2MP IP S35 3M/5M/8M/Pinhole/Kit Camera MB-Secure OneWireless Network Wireless Device Manager PC42t, PC42tp, and PC42d (Common Firmware) MPA2 Access Panel ProWatch Notifier Web Server (NWS) Version 3.50 and earlier INNCOM INNControl 3 Performance IP Cameras Mobile Computers
CVE IDTitleCVSSSeverityPublished
CVE-2026-4272 CVE-2026-4272 - Bluetooth Remote Execution of System Commands Vulnerability — Barcode ScannersCWE-306 8.1 High2026-04-05
CVE-2026-3611 Honeywell IQ4x BMS Controller Missing authentication for critical function — IQ4ECWE-306 10.0 Critical2026-03-12
CVE-2026-1670 Honeywell CCTV Products Missing Authentication for Critical Function — I-HIB2PI-UL 2MP IPCWE-306 9.8 Critical2026-02-17
CVE-2021-47868 WIN-PACK PRO 4.8 - 'WPCommandFileService' Unquoted Service Path — WIN-PACK PROCWE-428 7.8 High2026-01-21
CVE-2021-47866 WIN-PACK PRO 4.8 - 'GuardTourService' Unquoted Service Path — WIN-PACK PROCWE-428 7.8 High2026-01-21
CVE-2025-12351 Inadequate access control measure allows unauthorized users to access restricted administrative functions — S35 3M/5M/8M/Pinhole/Kit CameraCWE-639 6.8 Medium2025-10-27
CVE-2025-3947 Integer underflow during processing of short network packets in CDA FTEB responder — C300 PCNT02CWE-191 8.2 High2025-07-10
CVE-2025-3946 Incorrect response generation during FTEB protocol processing — C300 PCNT02CWE-430 8.2 High2025-07-10
CVE-2025-2523 Lack of buffer clearing before reuse may result in incorrect system behavior. — C300 PCNT02CWE-191 9.4 Critical2025-07-10
CVE-2025-2522 Lack of buffer clearing before reuse may result in incorrect system behavior. — C300 PCNT02CWE-226 6.5 Medium2025-07-10
CVE-2025-2521 Lack of indexes’ validation against buffer borders leads to remote code execution. — C300 PCNT02CWE-119 8.6 High2025-07-10
CVE-2025-2520 Dereferencing of an uninitialized pointer leads to denial of service. — C300 PCNT02CWE-457 7.5 High2025-07-10
CVE-2025-2605 Authenticated command injection — MB-SecureCWE-78 9.9 Critical2025-05-02
CVE-2023-5878 OneWireless command injection possible when updating firmware — OneWireless Network Wireless Device ManagerCWE-77 8.8 -2025-02-06
CVE-2024-6620 Honeywell多款产品 安全漏洞 — PC42t, PC42tp, and PC42d (Common Firmware)CWE-602 3.5 Low2024-07-29
CVE-2023-51604 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls SuiteCWE-611 5.5 -2024-05-03
CVE-2023-51605 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls SuiteCWE-611 5.5 -2024-05-03
CVE-2023-51603 Honeywell Saia PG5 Controls Suite CAB File Parsing Directory Traversal Remote Code Execution Vulnerability — Saia PG5 Controls SuiteCWE-22 7.8 -2024-05-03
CVE-2023-51601 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls SuiteCWE-611 5.5 -2024-05-03
CVE-2023-51602 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls SuiteCWE-611 5.5 -2024-05-03
CVE-2023-51600 Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability — Saia PG5 Controls SuiteCWE-611 5.5 -2024-05-03
CVE-2023-51599 Honeywell Saia PG5 Controls Suite Directory Traversal Remote Code Execution Vulnerability — Saia PG5 Controls SuiteCWE-22 7.8 -2024-05-03
CVE-2023-5407 Honeywell Experion Server 安全漏洞 — C300CWE-121 5.9 Medium2024-04-17
CVE-2023-5406 Honeywell Experion Server 安全漏洞 — Experion ServerCWE-787 5.9 Medium2024-04-17
CVE-2023-5405 Honeywell Experion Server 安全漏洞 — Experion ServerCWE-787 5.9 Medium2024-04-17
CVE-2023-5404 Honeywell Experion Server 安全漏洞 — Experion ServerCWE-122 8.1 High2024-04-17
CVE-2023-5403 Honeywell Experion Server 安全漏洞 — Experion ServerCWE-121 8.1 High2024-04-17
CVE-2023-5401 Honeywell Experion Server 安全漏洞 — Experion ServerCWE-121 8.1 High2024-04-17
CVE-2023-5400 Honeywell Experion Server 安全漏洞 — Experion ServerCWE-122 8.1 High2024-04-17
CVE-2023-5398 Honeywell Experion Server 安全漏洞 — Experion ServerCWE-1327 5.9 Medium2024-04-17

This page lists every published CVE security advisory associated with Honeywell. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.