CRITICAL🇵🇱 Wersja polska

CVE-2023-3710

CVSS 9.9v3.1pub. 2023-09-12upd. 2025-09-12

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
  • Honeywell Pm43

    HW
    Honeywell
    wszystkie wersje
  • Honeywell Pm43 Firmware

    OS
    Honeywell
    < p10.19.050004
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-3711MEDIUM6.4ten sam produkt

Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Cred...

CVE-2023-3712MEDIUM6.6ten sam produkt

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer we...

CVE-2026-3611CRITICAL10.0PL ✓ten sam vendor

Honeywell IQ4x — brak uwierzytelnienia w fabrycznym HMI (CWE-306)

CVE-2025-2605CRITICAL9.9PL ✓ten sam vendor

OS Command Injection w Honeywell MB-Secure i MB-Secure PRO (privilege abuse)

CVE-2024-2421CRITICAL9.3PL ✓ten sam vendor

Nieuwierzytelniony RCE w Honeywell LenelS2 NetBox (command injection)