CVE-2025-3946

Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS versions 520.1 through 520.2 TCU9 Honeywell Experion PKS versions 530 through 530 TCU3 Honeywell OneWireless WDM versions 322.1 through 322.4 Honeywell OneWireless WDM versions 330.1 through 330.3

Description: The software contains a Deployment of Wrong Handler vulnerability in the Control Data Access (CDA) component. An attacker could potentially exploit this issue, leading to Input Data Manipulation, which could result in incorrect handling of packets and remote code execution.

Recommendations: Honeywell Experion PKS versions 520.1 through 520.2 TCU9: Update to Honeywell Experion PKS 520.2 TCU9 HF1. Honeywell Experion PKS versions 530 through 530 TCU3: Update to Honeywell Experion PKS 530.1 TCU3 HF1. Honeywell OneWireless WDM versions 322.1 through 322.4: Update to OneWireless 322.5. Honeywell OneWireless WDM versions 330.1 through 330.3: Update to OneWireless 331.1.