← Retour aux CVEs

CVE-2023-3710

CRITICAL

9.9

Description

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).

Details CVE

Score CVSS v3.19.9

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie9/12/2023

Derniere modification9/12/2025

Sourcenvd

Observations honeypot0

Produits affectes

honeywell:pm43honeywell:pm43_firmware

Faiblesses (CWE)

CWE-20CWE-77

References

https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004(psirt@honeywell.com)

https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A(psirt@honeywell.com)

https://www.honeywell.com/us/en/product-security(psirt@honeywell.com)

https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004(af854a3a-2127-422b-91ae-364da2661108)

https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A(af854a3a-2127-422b-91ae-364da2661108)

https://www.honeywell.com/us/en/product-security(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.