Honeywell C300
6 CVEs affecting Honeywell C300. Latest disclosed: 2024-04-17. Critical: 3, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-25770 | Critical | 9.8 | 2023-07-13 | Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message. See Honeywell Security Notification for… |
CVE-2023-25178 | Critical | 9.8 | 2023-07-13 | Controller may be loaded with malicious firmware which could enable remote code execution. See Honeywell Security Notification for recommendations on upgrading… |
CVE-2023-24480 | Critical | 9.8 | 2023-07-13 | Controller DoS due to stack overflow when decoding a message from the server. See Honeywell Security Notification for recommendations on upgrading and versio… |
CVE-2023-5392 | High | 7.5 | 2024-04-11 | C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. Honeywell recommends updat… |
CVE-2023-26597 | High | 7.5 | 2023-07-13 | Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. See Honeywell Security Notification for recomm… |
CVE-2023-5407 | Medium | 5.9 | 2024-04-17 | Controller denial of service due to improper handling of a specially crafted message received by the controller. See Honeywell Security Notification for recom… |