Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for PM45 by Honeywell

    CVE-2023-3712 (GCVE-0-2023-3712)

    Vulnerability from nvd – Published: 2023-09-12 19:59 – Updated: 2025-09-12 19:33
    VLAI
    Title
    Potential user privilege escalation
    Summary
    Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004.  Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    Impacted products
    Vendor Product Version
    Honeywell PM23/43 Affected: 0 , < P10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PC23/43, PD43 Affected: 0 , < K10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < T10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < L10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX4ie/6ie Affected: 0 , < A10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX45/65 Affected: 0 , < B10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PD45, PX240 Affected: 0 , < F10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX940 Affected: 0 , < H10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM45 Affected: 0 , < J10.19.050004 (semver)
    Create a notification for this product.
    Honeywell RP2f/RP4f Affected: 0 , < M10.19.050006 (semver)
    Create a notification for this product.
    Credits
    Jinqi Lai (Independent Security Researcher)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.520Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.honeywell.com/us/en/product-security"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3712",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T14:54:07.219279Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T15:19:21.057Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Printer web page"
              ],
              "platforms": [
                "32 bit"
              ],
              "product": "PM23/43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "P10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PC23/43, PD43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "K10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "T10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "L10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX4ie/6ie",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "A10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX45/65",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "B10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PD45, PX240",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "F10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX940",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "H10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM45",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "J10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "RP2f/RP4f",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "M10.19.050006",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jinqi Lai (Independent Security Researcher)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.\u003cp\u003eThis issue affects PM43 versions prior to P10.19.050004.\u0026nbsp;\n\nUpdate to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\u003c/p\u003e"
                }
              ],
              "value": "Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004.\u00a0\n\nUpdate to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006)."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552 Files or Directories Accessible to External Parties",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T19:33:38.362Z",
            "orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
            "shortName": "Honeywell"
          },
          "references": [
            {
              "url": "https://www.honeywell.com/us/en/product-security"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Potential user privilege escalation",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
        "assignerShortName": "Honeywell",
        "cveId": "CVE-2023-3712",
        "datePublished": "2023-09-12T19:59:00.396Z",
        "dateReserved": "2023-07-17T13:59:27.158Z",
        "dateUpdated": "2025-09-12T19:33:38.362Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3711 (GCVE-0-2023-3711)

    Vulnerability from nvd – Published: 2023-09-12 19:57 – Updated: 2025-09-12 19:32
    VLAI
    Title
    Potential Predictable Session ID
    Summary
    Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honeywell PM23/43 Affected: 0 , < P10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PC23/43, PD43 Affected: 0 , < K10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < T10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < L10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX4ie/6ie Affected: 0 , < A10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX45/65 Affected: 0 , < B10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PD45, PX240 Affected: 0 , < F10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX940 Affected: 0 , < H10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM45 Affected: 0 , < J10.19.050004 (semver)
    Create a notification for this product.
    Honeywell RP2f/RP4f Affected: 0 , < M10.19.050006 (semver)
    Create a notification for this product.
    Credits
    Jinqi Lai (Independent Security Researcher)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.360Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.honeywell.com/us/en/product-security"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3711",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T14:56:40.504011Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T15:21:02.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Printer web page"
              ],
              "platforms": [
                "32 bit"
              ],
              "product": "PM23/43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "P10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PC23/43, PD43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "K10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "T10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "L10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX4ie/6ie",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "A10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX45/65",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "B10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PD45, PX240",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "F10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX940",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "H10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM45",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "J10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "RP2f/RP4f",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "M10.19.050006",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jinqi Lai (Independent Security Researcher)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.\u003cp\u003eThis issue affects PM43 versions prior to P10.19.050004.\u0026nbsp;Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\u003c/p\u003e"
                }
              ],
              "value": "Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004.\u00a0Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006)."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-59",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-59 Session Credential Falsification through Prediction"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-384",
                  "description": "CWE-384 Session Fixation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T19:32:41.660Z",
            "orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
            "shortName": "Honeywell"
          },
          "references": [
            {
              "url": "https://www.honeywell.com/us/en/product-security"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Potential Predictable Session ID",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
        "assignerShortName": "Honeywell",
        "cveId": "CVE-2023-3711",
        "datePublished": "2023-09-12T19:57:50.393Z",
        "dateReserved": "2023-07-17T13:59:26.270Z",
        "dateUpdated": "2025-09-12T19:32:41.660Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3710 (GCVE-0-2023-3710)

    Vulnerability from nvd – Published: 2023-09-12 19:55 – Updated: 2025-09-12 19:31
    VLAI Shadowserver KEVIntel
    Title
    Printer web page invalid command execution
    Summary
    Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Honeywell PM23/43 Affected: 0 , < P10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PC23/43, PD43 Affected: 0 , < K10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < T10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < L10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX4ie/6ie Affected: 0 , < A10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX45/65 Affected: 0 , < B10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PD45, PX240 Affected: 0 , < F10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX940 Affected: 0 , < H10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM45 Affected: 0 , < J10.19.050004 (semver)
    Create a notification for this product.
    Honeywell RP2f/RP4f Affected: 0 , < M10.19.050006 (semver)
    Create a notification for this product.
    honeywell pm23_43 Affected: 0 , < P10.19.050004 (semver)
        cpe:2.3:a:honeywell:pm23_43:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell pc23_43 Affected: 0 , < K10.19.050004 (semver)
        cpe:2.3:a:honeywell:pc23_43:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell pd43 Affected: 0 , < K10.19.050004 (semver)
        cpe:2.3:a:honeywell:pd43:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell pm42 Affected: 0 , < T10.19.050004 (semver)
    Affected: 0 , < L10.19.050004 (semver)
        cpe:2.3:a:honeywell:pm42:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px4ie_6ie Affected: 0 , < A10.19.050004 (semver)
        cpe:2.3:a:honeywell:px4ie_6ie:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px45_65 Affected: 0 , < B10.19.050004 (semver)
        cpe:2.3:a:honeywell:px45_65:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px45 Affected: 0 , < F10.19.050004 (semver)
        cpe:2.3:a:honeywell:px45:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px240 Affected: 0 , < F10.19.050004 (semver)
        cpe:2.3:a:honeywell:px240:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px940 Affected: 0 , < H10.19.050004 (semver)
        cpe:2.3:a:honeywell:px940:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell pm45 Affected: 0 , < J10.19.050004 (semver)
        cpe:2.3:a:honeywell:pm45:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell rp2f_rp4f Affected: 0 , < M10.19.050006 (semver)
        cpe:2.3:a:honeywell:rp2f_rp4f:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Jinqi Lai (Independent Security Researcher)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.525Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.honeywell.com/us/en/product-security"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pm23_43:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pm23_43",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "P10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pc23_43:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pc23_43",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "K10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pd43:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pd43",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "K10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pm42:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pm42",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "T10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "L10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px4ie_6ie:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px4ie_6ie",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "A10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px45_65:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px45_65",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "B10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px45:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px45",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "F10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px240:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px240",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "F10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px940:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px940",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "H10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pm45:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pm45",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "J10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:rp2f_rp4f:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "rp2f_rp4f",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "M10.19.050006",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3710",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-26T13:53:08.275292Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T15:13:06.021Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Printer web page"
              ],
              "platforms": [
                "32 bit"
              ],
              "product": "PM23/43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "P10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PC23/43, PD43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "K10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "T10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "L10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX4ie/6ie",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "A10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX45/65",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "B10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PD45, PX240",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "F10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX940",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "H10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM45",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "J10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "RP2f/RP4f",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "M10.19.050006",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jinqi Lai (Independent Security Researcher)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.\u003cp\u003eThis issue affects PM43 versions prior to P10.19.050004.\u0026nbsp;Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\u003c/p\u003e"
                }
              ],
              "value": "Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004.\u00a0Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006)."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T19:31:57.851Z",
            "orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
            "shortName": "Honeywell"
          },
          "references": [
            {
              "url": "https://www.honeywell.com/us/en/product-security"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Printer web page invalid command execution",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
        "assignerShortName": "Honeywell",
        "cveId": "CVE-2023-3710",
        "datePublished": "2023-09-12T19:55:41.805Z",
        "dateReserved": "2023-07-17T13:59:22.320Z",
        "dateUpdated": "2025-09-12T19:31:57.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3712 (GCVE-0-2023-3712)

    Vulnerability from cvelistv5 – Published: 2023-09-12 19:59 – Updated: 2025-09-12 19:33
    VLAI
    Title
    Potential user privilege escalation
    Summary
    Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004.  Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    Impacted products
    Vendor Product Version
    Honeywell PM23/43 Affected: 0 , < P10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PC23/43, PD43 Affected: 0 , < K10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < T10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < L10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX4ie/6ie Affected: 0 , < A10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX45/65 Affected: 0 , < B10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PD45, PX240 Affected: 0 , < F10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX940 Affected: 0 , < H10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM45 Affected: 0 , < J10.19.050004 (semver)
    Create a notification for this product.
    Honeywell RP2f/RP4f Affected: 0 , < M10.19.050006 (semver)
    Create a notification for this product.
    Credits
    Jinqi Lai (Independent Security Researcher)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.520Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.honeywell.com/us/en/product-security"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3712",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T14:54:07.219279Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T15:19:21.057Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Printer web page"
              ],
              "platforms": [
                "32 bit"
              ],
              "product": "PM23/43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "P10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PC23/43, PD43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "K10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "T10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "L10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX4ie/6ie",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "A10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX45/65",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "B10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PD45, PX240",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "F10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX940",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "H10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM45",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "J10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "RP2f/RP4f",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "M10.19.050006",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jinqi Lai (Independent Security Researcher)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.\u003cp\u003eThis issue affects PM43 versions prior to P10.19.050004.\u0026nbsp;\n\nUpdate to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\u003c/p\u003e"
                }
              ],
              "value": "Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004.\u00a0\n\nUpdate to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006)."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552 Files or Directories Accessible to External Parties",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T19:33:38.362Z",
            "orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
            "shortName": "Honeywell"
          },
          "references": [
            {
              "url": "https://www.honeywell.com/us/en/product-security"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Potential user privilege escalation",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
        "assignerShortName": "Honeywell",
        "cveId": "CVE-2023-3712",
        "datePublished": "2023-09-12T19:59:00.396Z",
        "dateReserved": "2023-07-17T13:59:27.158Z",
        "dateUpdated": "2025-09-12T19:33:38.362Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3711 (GCVE-0-2023-3711)

    Vulnerability from cvelistv5 – Published: 2023-09-12 19:57 – Updated: 2025-09-12 19:32
    VLAI
    Title
    Potential Predictable Session ID
    Summary
    Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honeywell PM23/43 Affected: 0 , < P10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PC23/43, PD43 Affected: 0 , < K10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < T10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < L10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX4ie/6ie Affected: 0 , < A10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX45/65 Affected: 0 , < B10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PD45, PX240 Affected: 0 , < F10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX940 Affected: 0 , < H10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM45 Affected: 0 , < J10.19.050004 (semver)
    Create a notification for this product.
    Honeywell RP2f/RP4f Affected: 0 , < M10.19.050006 (semver)
    Create a notification for this product.
    Credits
    Jinqi Lai (Independent Security Researcher)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.360Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.honeywell.com/us/en/product-security"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3711",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-25T14:56:40.504011Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-25T15:21:02.903Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Printer web page"
              ],
              "platforms": [
                "32 bit"
              ],
              "product": "PM23/43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "P10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PC23/43, PD43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "K10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "T10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "L10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX4ie/6ie",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "A10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX45/65",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "B10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PD45, PX240",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "F10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX940",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "H10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM45",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "J10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "RP2f/RP4f",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "M10.19.050006",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jinqi Lai (Independent Security Researcher)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.\u003cp\u003eThis issue affects PM43 versions prior to P10.19.050004.\u0026nbsp;Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\u003c/p\u003e"
                }
              ],
              "value": "Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004.\u00a0Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006)."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-59",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-59 Session Credential Falsification through Prediction"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-384",
                  "description": "CWE-384 Session Fixation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T19:32:41.660Z",
            "orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
            "shortName": "Honeywell"
          },
          "references": [
            {
              "url": "https://www.honeywell.com/us/en/product-security"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Potential Predictable Session ID",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
        "assignerShortName": "Honeywell",
        "cveId": "CVE-2023-3711",
        "datePublished": "2023-09-12T19:57:50.393Z",
        "dateReserved": "2023-07-17T13:59:26.270Z",
        "dateUpdated": "2025-09-12T19:32:41.660Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3710 (GCVE-0-2023-3710)

    Vulnerability from cvelistv5 – Published: 2023-09-12 19:55 – Updated: 2025-09-12 19:31
    VLAI Shadowserver KEVIntel
    Title
    Printer web page invalid command execution
    Summary
    Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Honeywell PM23/43 Affected: 0 , < P10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PC23/43, PD43 Affected: 0 , < K10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < T10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM42 Affected: 0 , < L10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX4ie/6ie Affected: 0 , < A10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX45/65 Affected: 0 , < B10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PD45, PX240 Affected: 0 , < F10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PX940 Affected: 0 , < H10.19.050004 (semver)
    Create a notification for this product.
    Honeywell PM45 Affected: 0 , < J10.19.050004 (semver)
    Create a notification for this product.
    Honeywell RP2f/RP4f Affected: 0 , < M10.19.050006 (semver)
    Create a notification for this product.
    honeywell pm23_43 Affected: 0 , < P10.19.050004 (semver)
        cpe:2.3:a:honeywell:pm23_43:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell pc23_43 Affected: 0 , < K10.19.050004 (semver)
        cpe:2.3:a:honeywell:pc23_43:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell pd43 Affected: 0 , < K10.19.050004 (semver)
        cpe:2.3:a:honeywell:pd43:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell pm42 Affected: 0 , < T10.19.050004 (semver)
    Affected: 0 , < L10.19.050004 (semver)
        cpe:2.3:a:honeywell:pm42:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px4ie_6ie Affected: 0 , < A10.19.050004 (semver)
        cpe:2.3:a:honeywell:px4ie_6ie:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px45_65 Affected: 0 , < B10.19.050004 (semver)
        cpe:2.3:a:honeywell:px45_65:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px45 Affected: 0 , < F10.19.050004 (semver)
        cpe:2.3:a:honeywell:px45:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px240 Affected: 0 , < F10.19.050004 (semver)
        cpe:2.3:a:honeywell:px240:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell px940 Affected: 0 , < H10.19.050004 (semver)
        cpe:2.3:a:honeywell:px940:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell pm45 Affected: 0 , < J10.19.050004 (semver)
        cpe:2.3:a:honeywell:pm45:*:*:*:*:*:*:*:*
    Create a notification for this product.
    honeywell rp2f_rp4f Affected: 0 , < M10.19.050006 (semver)
        cpe:2.3:a:honeywell:rp2f_rp4f:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Jinqi Lai (Independent Security Researcher)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.525Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.honeywell.com/us/en/product-security"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pm23_43:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pm23_43",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "P10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pc23_43:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pc23_43",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "K10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pd43:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pd43",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "K10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pm42:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pm42",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "T10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  },
                  {
                    "lessThan": "L10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px4ie_6ie:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px4ie_6ie",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "A10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px45_65:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px45_65",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "B10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px45:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px45",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "F10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px240:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px240",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "F10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:px940:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "px940",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "H10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:pm45:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "pm45",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "J10.19.050004",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:honeywell:rp2f_rp4f:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "rp2f_rp4f",
                "vendor": "honeywell",
                "versions": [
                  {
                    "lessThan": "M10.19.050006",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3710",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-26T13:53:08.275292Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T15:13:06.021Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Printer web page"
              ],
              "platforms": [
                "32 bit"
              ],
              "product": "PM23/43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "P10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PC23/43, PD43",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "K10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "T10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM42",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "L10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX4ie/6ie",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "A10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX45/65",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "B10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PD45, PX240",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "F10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PX940",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "H10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "PM45",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "J10.19.050004",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "32 bit"
              ],
              "product": "RP2f/RP4f",
              "vendor": "Honeywell",
              "versions": [
                {
                  "lessThan": "M10.19.050006",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jinqi Lai (Independent Security Researcher)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.\u003cp\u003eThis issue affects PM43 versions prior to P10.19.050004.\u0026nbsp;Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\u003c/p\u003e"
                }
              ],
              "value": "Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004.\u00a0Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006)."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-12T19:31:57.851Z",
            "orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
            "shortName": "Honeywell"
          },
          "references": [
            {
              "url": "https://www.honeywell.com/us/en/product-security"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004"
            },
            {
              "url": "https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Printer web page invalid command execution",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
        "assignerShortName": "Honeywell",
        "cveId": "CVE-2023-3710",
        "datePublished": "2023-09-12T19:55:41.805Z",
        "dateReserved": "2023-07-17T13:59:22.320Z",
        "dateUpdated": "2025-09-12T19:31:57.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }