Honeywell Application_control_environment_firmware
3 CVEs affecting Honeywell Application_control_environment_firmware. Latest disclosed: 2022-10-28. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-38397 | Critical | 10.0 | 2022-10-28 | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbi… |
CVE-2021-38395 | Critical | 9.1 | 2022-10-28 | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attac… |
CVE-2021-38399 | High | 7.5 | 2022-10-28 | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized fil… |