What is CVE-2023-3710?

CVE-2023-3710 is a critical-severity vulnerability in Honeywell Pc23/43, Pd43, classified under Improper Input Validation. CVSS score: 9.9/10. Published 2023-09-12.

How severe is CVE-2023-3710?

Critical severity. CVSS v3 base score is 9.9 out of 10.

Is CVE-2023-3710 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Honeywell Pc23/43, Pd43

CVE-2023-3710

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the re…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.917 (99.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.9 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H.

Affected products

Honeywell Pc23/43, Pd43 — versions 0
Honeywell Pd45, Px240 — versions 0
Honeywell Pm23/43 — versions 0
Honeywell Pm42 — versions 0
Honeywell Pm45 — versions 0
Honeywell Px45/65 — versions 0
Honeywell Px4ie/6ie — versions 0
Honeywell Px940 — versions 0
Honeywell Rp2f/rp4f — versions 0

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2023-3710?: CVE-2023-3710 is a critical-severity vulnerability in Honeywell Pc23/43, Pd43, classified under Improper Input Validation. CVSS score: 9.9/10. Published 2023-09-12.
How severe is CVE-2023-3710?: Critical severity. CVSS v3 base score is 9.9 out of 10.
Is CVE-2023-3710 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.