Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

43 matches found

Positive Technologies
Positive Technologiesadded 2024/01/30 12:0 a.m.3 views

PT-2024-1408 · Honeywell · Honeywell Experion Controledge Virtualuoc +1

Name of the Vulnerable Software and Affected Versions: Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC affected versions not specified Description: The issue is related to the use of dangerous methods or functions in the Configuration Handler component of the Honeywell Experion...

9.1CVSS7AI score0.00134EPSS
Exploits0References11
OSV
OSVadded 2022/08/31 4:15 p.m.1 views

CVE-2022-30318

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...

9.8CVSS6AI score
Exploits0References2
NVD
NVDadded 2022/08/31 4:15 p.m.10 views

CVE-2022-30318

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...

9.8CVSS0.03393EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2022/08/31 4:15 p.m.1 views

CVE-2022-30318

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...

9.8CVSS7.5AI score0.03393EPSS
Exploits0References3
Prion
Prionadded 2022/08/31 4:15 p.m.12 views

Hardcoded credentials

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...

7.5CVSS9.6AI score0.03393EPSS
Exploits0References2Affected Software2
CVE
CVEadded 2022/08/31 3:39 p.m.77 views

CVE-2022-30318

CVE-2022-30318 affects Honeywell ControlEdge (PLC/RTU) through R151.1, where the SSH service on port 22 uses root credentials that are hardcoded and not automatically changed at first commissioning. This creates a vulnerability to remote code execution, configuration manipulation, and denial of s...

9.8CVSS9.5AI score0.03393EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2022/08/31 3:39 p.m.14 views

CVE-2022-30318

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of...

9.8AI score0.03393EPSS
Exploits0References2
ICS
ICSadded 2022/08/30 12:0 a.m.30 views

Honeywell ControlEdge

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: ControlEdge Vulnerability: Missing Authentication for Critical Function CISA is aware of a public report known as “OT:ICEFALL” that details vulnerabilities found in multiple...

9.8CVSS10AI score0.03393EPSS
Exploits0References5
CNNVD
CNNVDadded 2022/08/30 12:0 a.m.3 views

Honeywell ControlEdge PLC 信任管理问题漏洞

TCP Transmission Control Protocol is a connection-oriented, reliable, byte-stream-based transport layer communication protocol defined by IETF RFC 793.Honeywell ControlEdge PLC is a Honeywell programmable Logic Controller PLC from Honeywell. A trust management issue vulnerability exists in the...

9.8CVSS7AI score0.03393EPSS
Exploits0References5
BDU FSTEC
BDU FSTECadded 2022/06/27 12:0 a.m.0 views

The vulnerability of microprogrammed software in programmable logic controllers like ControlEdge, which stems from the use of rigidly encoded user data, allows attackers to exploit their privileges.

The vulnerability of microprogrammed software in programmable logic controllers like ControlEdge stems from the use of rigidly encoded user data. Exploiting this vulnerability could allow an attacker to enhance their privileges remotely...

10CVSS5.4AI score
Exploits0References3Affected Software1
Positive Technologies
Positive Technologiesadded 2022/06/22 12:0 a.m.5 views

PT-2022-3083 · Honeywell · Honeywell Controledge

Name of the Vulnerable Software and Affected Versions: Honeywell ControlEdge versions through R151.1 Description: The issue is related to the use of hard-coded credentials in the Honeywell ControlEdge programmable logic controllers. This could allow a remote attacker to gain elevated privileges...

9.8CVSS9.5AI score0.03393EPSS
Exploits0References7
OSV
OSVadded 2020/06/26 5:15 p.m.0 views

CVE-2020-10628

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes unencrypted passwords on the network...

7.5CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2020/06/26 5:15 p.m.11 views

CVE-2020-10628

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes unencrypted passwords on the network...

7.5CVSS0.00114EPSS
Exploits0References1
OSV
OSVadded 2020/06/26 5:15 p.m.2 views

CVE-2020-10624

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes a session token on the network...

7.5CVSS7.2AI score
Exploits0References1
NVD
NVDadded 2020/06/26 5:15 p.m.10 views

CVE-2020-10624

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes a session token on the network...

7.5CVSS0.00114EPSS
Exploits0References1
Prion
Prionadded 2020/06/26 5:15 p.m.14 views

Design/Logic Flaw

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes a session token on the network...

5CVSS7.5AI score0.00114EPSS
Exploits0References1Affected Software2
Prion
Prionadded 2020/06/26 5:15 p.m.9 views

Design/Logic Flaw

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes unencrypted passwords on the network...

5CVSS7.5AI score0.00114EPSS
Exploits0References1Affected Software2
Cvelist
Cvelistadded 2020/06/26 4:22 p.m.13 views

CVE-2020-10624

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes a session token on the network...

7.6AI score0.00114EPSS
Exploits0References1
CVE
CVEadded 2020/06/26 4:22 p.m.39 views

CVE-2020-10624

CVE-2020-10624 affects Honeywell ControlEdge PLC (R130.2, R140, R150, R151) and ControlEdge RTU (R101, R110, R140, R150, R151). The vulnerability leads to a session token being exposed on the network due to cleartext transmission of sensitive information. NVD CVSS data indicates an impact: confid...

7.5CVSS7.5AI score0.00114EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2020/06/26 4:6 p.m.16 views

CVE-2020-10628

ControlEdge PLC R130.2, R140, R150, and R151 and RTU R101, R110, R140, R150, and R151 exposes unencrypted passwords on the network...

7.6AI score0.00114EPSS
Exploits0References1
Rows per page
Query Builder