PT-2023-3039 · Honeywell · Honeywell Onewireless
Published
2023-05-30
·
Updated
2023-06-06
·
CVE-2022-4240
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Honeywell OneWireless version 322.1
Description
The issue is related to a Missing Authentication for Critical Function vulnerability in Honeywell OneWireless, which allows Authentication Bypass. This can enable a remote attacker to elevate their privileges.
Recommendations
For Honeywell OneWireless version 322.1, update to a version that includes a fix for the Missing Authentication for Critical Function vulnerability to prevent Authentication Bypass.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Honeywell Onewireless