70 matches found
CVE-2025-3946 Incorrect response generation during FTEB protocol processing
The Honeywell Experion PKS and OneWireless WDM contains a Deployment of Wrong Handler vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in incorrect handling of packets leading t...
CVE-2025-3946 Incorrect response generation during FTEB protocol processing
The Honeywell Experion PKS and OneWireless WDM contains a Deployment of Wrong Handler vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in incorrect handling of packets leading t...
CVE-2025-2523 Lack of buffer clearing before reuse may result in incorrect system behavior.
The Honeywell Experion PKS and OneWireless WDM contains an Integer Underflow vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in a failure during subtraction allowi...
CVE-2025-2523 Lack of buffer clearing before reuse may result in incorrect system behavior.
The Honeywell Experion PKS and OneWireless WDM contains an Integer Underflow vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in a failure during subtraction allowi...
CVE-2025-2522 Lack of buffer clearing before reuse may result in incorrect system behavior.
The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in buffer reuse which may...
CVE-2025-2522 Lack of buffer clearing before reuse may result in incorrect system behavior.
The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in buffer reuse which may...
CVE-2025-2521
CVE-2025-2521 concerns a memory buffer vulnerability in the Control Data Access (CDA) component of Honeywell’s Experion PKS and OneWireless WDM . The issue is an overread of buffers due to lack of proper index validation against buffer borders, which could lead to remote code execution . Affected...
CVE-2025-2521 Lack of indexes’ validation against buffer borders leads to remote code execution.
The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to an Overread Buffers, which could result in improper index validation against buffer borders leading ...
CVE-2025-2521 Lack of indexes’ validation against buffer borders leads to remote code execution.
The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to an Overread Buffers, which could result in improper index validation against buffer borders leading ...
Honeywell Experion PKS 缓冲区错误漏洞
Honeywell Experion PKS is a process automation system from Honeywell USA. A security vulnerability exists in Honeywell Experion PKS versions 520.1 through 520.2 TCU9 and 530 through 530 TCU3 and OneWireless WDM versions 322.1 through 322.4 and 330.1 through 330.3, which stems from a memory buffer...
Honeywell Experion PKS 安全漏洞
Honeywell Experion PKS is a process automation system from Honeywell USA. A security vulnerability exists in Honeywell Experion PKS versions 520.1 through 520.2 TCU9 and 530 through 530 TCU3 and OneWireless WDM versions 322.1 through 322.4 and 330.1 through 330.3, which stems from a faulty handle...
Honeywell Experion PKS 数字错误漏洞
Honeywell Experion PKS is a process automation system from Honeywell USA. A security vulnerability exists in Honeywell Experion PKS versions 520.1 through 520.2 TCU9 and 530 through 530 TCU3 and OneWireless WDM versions 322.1 through 322.4 and 330.1 through 330.3, which stems from an integer...
CVE-2022-46361
An attacker having physical access to WDM can plug USB device to gain access and execute unwanted commands. A malicious user could enter a system command along with a backup configuration, which could result in the execution of unwanted commands. This issue affects OneWireless all versions up to...
CVE-2022-43485
Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in client's JWT token. This issue affects OneWireless version 322.1...
CVE-2022-4240
Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows Authentication Bypass. This issue affects OneWireless version 322.1...
PT-2025-29162 · Honeywell · Onewireless Wdm +1
Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS versions 520.1 through 520.2 TCU9 Honeywell Experion PKS versions 530 through 530 TCU3 Honeywell OneWireless WDM versions 322.1 through 322.4 Honeywell OneWireless WDM versions 330.1 through 330.3 Description: The...
PT-2025-29161 · Honeywell · Onewireless Wdm +2
Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS versions 520.1 through 520.2 TCU9 Honeywell Experion PKS versions 530 through 530 TCU3 Honeywell OneWireless WDM versions 322.1 through 322.4 Honeywell OneWireless WDM versions 330.1 through 330.3 Honeywell OneWireless...
PT-2025-29159 · Honeywell · Experion Pks Hca +9
Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS versions prior to 520.2 TCU9 HF1 and versions prior to 530 TCU3 Honeywell OneWireless WDM versions 322.1 through 322.4 Honeywell OneWireless WDM versions 330.1 through 330.3 Honeywell Experion PKS C300, FIM4, FIM8, UOC,...
CVE-2023-5878
Honeywell OneWireless Wireless Device Manager WDM for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. An attacker who is authenticated could use the firmware update process to potentially exploit the vulnerability, leading ...
CVE-2023-5878
Honeywell OneWireless Wireless Device Manager WDM for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. An attacker who is authenticated could use the firmware update process to potentially exploit the vulnerability, leading ...