9 matches found
EUVD-2025-13247
Malicious code in bioql PyPI...
📄 Honeywell MB-Secure Command Injection
Honeywell MB-Secure versions 11.04 and up to 12.53 and PRO versions from 01.06 to 03.09 suffer from an authenticated command injection vulnerability. SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Authenticated Comman...
The vulnerability of the microprogrammed control panel software for Honeywell MB-Secure and MB-Secure PRO devices arises from the lack of measures taken to neutralize special elements used in the operating system’s command sequence. This allows attackers to execute arbitrary commands with elevated privileges.
The vulnerability of the microprogrammed control panel software for Honeywell MB-Secure and MB-Secure PRO devices is related to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute...
CVE-2025-2605
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most...
CVE-2025-2605
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most...
CVE-2025-2605
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most...
CVE-2025-2605
CVE-2025-2605 is an OS command injection vulnerability in Honeywell MB-Secure and MB-Secure PRO. The issue arises from improper neutralization of special elements used in OS commands, enabling privilege abuse. Affected products and versions: MB-Secure from V11.04 before V12.53; MB-Secure PRO from...
CVE-2025-2605 Authenticated command injection
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most...
CVE-2025-2605 Authenticated command injection
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most...