<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>honeywell Archives - CVE Vulnerability</title>
	<atom:link href="https://cvevulnerability.com/cve_products/honeywell/feed/" rel="self" type="application/rss+xml" />
	<link>https://cvevulnerability.com/cve_products/honeywell/</link>
	<description></description>
	<lastBuildDate>Sun, 26 Feb 2023 06:35:53 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>

<image>
	<url>https://cvevulnerability.com/wp-content/uploads/2023/02/cropped-Screenshot-2023-02-27-at-3.52.32-PM-32x32.png</url>
	<title>honeywell Archives - CVE Vulnerability</title>
	<link>https://cvevulnerability.com/cve_products/honeywell/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>CVE-2020-10624</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2020-10624/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:35:53 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2020-10624/</guid>

					<description><![CDATA[<p>ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes a session token on the network.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2020-10624/">CVE-2020-10624</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes a session token on the network.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2020-10624/">CVE-2020-10624</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2020-10628</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2020-10628/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:35:53 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2020-10628/</guid>

					<description><![CDATA[<p>ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes unencrypted passwords on the network.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2020-10628/">CVE-2020-10628</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes unencrypted passwords on the network.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2020-10628/">CVE-2020-10628</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2019-18226</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2019-18226/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:31:42 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2019-18226/</guid>

					<description><![CDATA[<p>Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibility with legacy products.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-18226/">CVE-2019-18226</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibility with legacy products.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-18226/">CVE-2019-18226</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2019-18228</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2019-18228/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:31:42 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2019-18228/</guid>

					<description><![CDATA[<p>Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-18228/">CVE-2019-18228</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-18228/">CVE-2019-18228</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2019-18230</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2019-18230/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:31:42 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2019-18230/</guid>

					<description><![CDATA[<p>Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-18230/">CVE-2019-18230</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-18230/">CVE-2019-18230</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2019-13523</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2019-13523/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:30:17 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2019-13523/</guid>

					<description><![CDATA[<p>In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-13523/">CVE-2019-13523</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs (Network Video Recorders), which can be accessed without authentication over the network. Affected performance IP Cameras: HBD3PR2,H4D3PRV3,HED3PR3,H4D3PRV2,HBD3PR1,H4W8PR2,HBW8PR2,H2W2PC1M,H2W4PER3,H2W2PER3,HEW2PER3,HEW4PER3B,HBW2PER1,HEW4PER2,HEW4PER2B,HEW2PER2,H4W2PER2,HBW2PER2,H4W2PER3, and HPW2P1. Affected Performance Series NVRs: HEN08104,HEN08144,HEN081124,HEN16104,HEN16144,HEN16184,HEN16204,HEN162244,HEN16284,HEN16304,HEN16384,HEN32104,HEN321124,HEN32204,HEN32284,HEN322164,HEN32304, HEN32384,HEN323164,HEN64204,HEN64304,HEN643164,HEN643324,HEN643484,HEN04103,HEN04113,HEN04123,HEN08103,HEN08113,HEN08123,HEN08143,HEN16103,HEN16123,HEN16143,HEN16163,HEN04103L,HEN08103L,HEN16103L,HEN32103L.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-13523/">CVE-2019-13523</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2019-13525</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2019-13525/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:30:17 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2019-13525/</guid>

					<description><![CDATA[<p>In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-13525/">CVE-2019-13525</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2019-13525/">CVE-2019-13525</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2021-39363</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2021-39363/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Thu, 23 Feb 2023 14:11:29 +0000</pubDate>
				<guid isPermaLink="false">http://www.cvevulnerability.com/cve_vulnerabilities/cve-2021-39363/</guid>

					<description><![CDATA[<p>Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2021-39363/">CVE-2021-39363</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2021-39363/">CVE-2021-39363</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2021-39364</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2021-39364/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Thu, 23 Feb 2023 14:11:29 +0000</pubDate>
				<guid isPermaLink="false">http://www.cvevulnerability.com/cve_vulnerabilities/cve-2021-39364/</guid>

					<description><![CDATA[<p>Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for camera control) after ARP cache poisoning has been achieved.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2021-39364/">CVE-2021-39364</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for camera control) after ARP cache poisoning has been achieved.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2021-39364/">CVE-2021-39364</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2022-30318</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2022-30318/</link>
		
		<dc:creator><![CDATA[godfreyd94]]></dc:creator>
		<pubDate>Thu, 23 Feb 2023 05:18:37 +0000</pubDate>
				<guid isPermaLink="false">http://www.cvevulnerability.com/cve_vulnerabilities/cve-2022-30318/</guid>

					<description><![CDATA[<p>Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of service. The Honeywell ControlEdge PLC and RTU product line exposes an SSH service on port 22/TCP. Login as root [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2022-30318/">CVE-2022-30318</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of service. The Honeywell ControlEdge PLC and RTU product line exposes an SSH service on port 22/TCP. Login as root to this service is permitted and credentials for the root user are hardcoded without automatically changing them upon first commissioning. The credentials for the SSH service are hardcoded in the firmware. The credentials grant an attacker access to a root shell on the PLC/RTU, allowing for remote code execution, configuration manipulation and denial of service.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2022-30318/">CVE-2022-30318</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
