Honeywell Security Vulnerabilities (CVEs)

Track 21 security vulnerabilities affecting Honeywell products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

10 Critical

9 High

2 Medium

Sort by:

🔔 Get Alerts for Honeywell

CVE-2025-2605 9.9

This OS command injection vulnerability in Honeywell MB-Secure allows attackers to execute arbitrary commands on affected systems, potentially leading...

May 2, 2025

CVE-2024-2420 9.8

CVE-2024-2420 is a critical authentication bypass vulnerability in LenelS2 NetBox access control systems due to hardcoded credentials. Attackers can g...

May 30, 2024

CVE-2024-2422 8.8

This vulnerability allows authenticated attackers to execute arbitrary commands on LenelS2 NetBox access control and event monitoring systems. Organiz...

May 30, 2024

CVE-2023-51605 6.5

This XXE vulnerability in Honeywell Saia PG5 Controls Suite allows attackers to read sensitive files from the system when users open malicious XML fil...

May 3, 2024

CVE-2023-51599 8.8

This vulnerability in Honeywell Saia PG5 Controls Suite allows remote attackers to execute arbitrary code by exploiting a directory traversal flaw in ...

May 3, 2024

CVE-2023-51601 6.5

This XXE vulnerability in Honeywell Saia PG5 Controls Suite allows attackers to disclose sensitive information by tricking users into opening maliciou...

May 3, 2024

CVE-2023-51603 8.8

This vulnerability in Honeywell Saia PG5 Controls Suite allows remote attackers to execute arbitrary code by tricking users into opening malicious CAB...

May 3, 2024

CVE-2023-1841 8.1

This CVE describes a cross-site scripting (XSS) vulnerability in Honeywell MPA2 Access Panel web server modules. Attackers can inject malicious script...

Feb 29, 2024

CVE-2023-5389 9.1

This vulnerability allows attackers to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC systems. Successful exploitation ...

Jan 30, 2024

CVE-2023-3710 9.9

This CVE describes a command injection vulnerability in Honeywell PM43 printers' web interface modules. Attackers can execute arbitrary commands on af...

Sep 12, 2023

CVE-2023-25948 7.5

This vulnerability allows attackers to obtain sensitive configuration data from Honeywell systems by sending specially crafted messages that trigger e...

Jul 13, 2023

CVE-2023-25178 9.8

This vulnerability allows attackers to load malicious firmware onto Honeywell controllers, potentially enabling remote code execution. It affects Hone...

Jul 13, 2023

CVE-2023-22435 7.5

This vulnerability allows remote attackers to cause a denial-of-service (DoS) condition on Experion servers by sending specially crafted messages that...

Jul 13, 2023

CVE-2023-23585 9.8

CVE-2023-23585 is a critical heap overflow vulnerability in Honeywell Experion servers that allows remote attackers to cause denial of service (DoS) b...

Jul 13, 2023

CVE-2023-24480 9.8

This vulnerability allows remote attackers to cause a denial-of-service (DoS) condition in affected Honeywell controllers by sending specially crafted...

Jul 13, 2023

CVE-2022-30315 9.8

Honeywell Experion PKS Safety Manager controllers lack cryptographic authentication for control logic downloads via the Safety Builder protocol, allow...

Jul 28, 2022

CVE-2022-30319 8.1

This vulnerability allows attackers to bypass authentication on Saia Burgess Controls (SBC) PCD controllers by spoofing UDP traffic on port 5050. Orga...

Jul 28, 2022

CVE-2022-30313 7.5

Honeywell Experion PKS Safety Manager lacks authentication on proprietary protocols, allowing unauthenticated attackers to manipulate controller state...

Jul 28, 2022

CVE-2022-30243 8.8

Honeywell Alerton Visual Logic controllers allow unauthenticated remote users to write and execute arbitrary code without verification. This enables a...

Jul 15, 2022

CVE-2021-39363 9.8

This vulnerability in Honeywell HDZP252DI and HBW2PER1 devices allows attackers to perform ARP cache poisoning, enabling video replay attacks. Attacke...

Feb 24, 2022

CVE-2020-27297 9.8

This vulnerability allows remote attackers to execute arbitrary code on affected OPC UA Tunneller systems through a heap-based buffer overflow. Attack...

Jan 26, 2021

Why Monitor Honeywell Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 21+ known vulnerabilities affecting Honeywell products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Honeywell packages in under 60 seconds. No agents required - completely agentless scanning that works across Honeywell deployments.

Free vulnerability database: Access detailed information about every Honeywell CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Honeywell CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Honeywell CVEs Free