What is CVE-2023-3712?

CVE-2023-3712 is a medium-severity vulnerability in Honeywell Pc23/43, Pd43, classified under Files or Directories Accessible to External Parties. CVSS score: 6.6/10. Published 2023-09-12.

How severe is CVE-2023-3712?

Medium severity. CVSS v3 base score is 6.6 out of 10.

Is CVE-2023-3712 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Honeywell Pc23/43, Pd43

CVE-2023-3712

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. Update to the latest avail…

EPSS: 0.001 (23.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.6 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H.

Affected products

Honeywell Pc23/43, Pd43 — versions 0
Honeywell Pd45, Px240 — versions 0
Honeywell Pm23/43 — versions 0
Honeywell Pm42 — versions 0
Honeywell Pm45 — versions 0
Honeywell Px45/65 — versions 0
Honeywell Px4ie/6ie — versions 0
Honeywell Px940 — versions 0
Honeywell Rp2f/rp4f — versions 0

Weakness classification (CWE)

CWE-552 — Files or Directories Accessible to External Parties

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2023-3712?: CVE-2023-3712 is a medium-severity vulnerability in Honeywell Pc23/43, Pd43, classified under Files or Directories Accessible to External Parties. CVSS score: 6.6/10. Published 2023-09-12.
How severe is CVE-2023-3712?: Medium severity. CVSS v3 base score is 6.6 out of 10.
Is CVE-2023-3712 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.