Jinqi Lai

**Name of the Vulnerable Software and Affected Versions** Honeywell PM43 versions prior to P10.19.050004 **Description** The issue affects the printer web page modules of Honeywell PM43 on 32 bit, ARM, allowing Session Credential Falsification through Prediction due to a Session Fixation vulnerability. **Recommendations** Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006) to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Honeywell PM43 versions prior to P10.19.050004 **Description** The issue is related to an Improper Input Validation vulnerability in the Honeywell PM43 printer's web page modules, allowing Command Injection. This can enable a remote attacker to execute arbitrary commands. Approximately 187 devices may be affected. **Recommendations** Update to the latest available firmware version of the respective printers to version MR19.5 (e.g., P10.19.050006). As a temporary workaround, consider restricting access to the vulnerable web page modules until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Honeywell PM43 versions prior to P10.19.050004 **Description** The issue affects the Honeywell PM43 printer, specifically the 32-bit, ARM-based printer web page modules, allowing privilege escalation due to files or directories being accessible to external parties. **Recommendations** Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).