5 matches found
CVE-2022-30242
Honeywell Alerton Ascent Control Module ACM through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller...
Design/Logic Flaw
Honeywell Alerton Ascent Control Module ACM through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller...
CVE-2022-30245
CVE-2022-30245 affects Honeywell Alerton Compass Software 1.6.5. The flaw allows unauthenticated configuration changes from remote users, enabling a crafted packet to alter the controller’s configuration. The changed configuration may not be reflected in the User Interface, creating an inconsiste...
CVE-2022-30242
Honeywell Alerton Ascent Control Module (ACM) up to 2022-05-04 is affected by CVE-2022-30242, allowing unauthenticated configuration changes from remote users. The root issue is unprotected remote configuration access that can store altered configuration on the controller and implement it, creati...
CVE-2021-31338
A vulnerability has been identified in SINEMA Remote Connect Client All versions V3.0 SP1. Affected devices allow to modify configuration settings over an unauthenticated channel. This could allow a local attacker to escalate privileges and execute own code on the device...