MEDIUM🇵🇱 Wersja polska

CVE-2023-3711

CVSS 6.4v3.1pub. 2023-09-12upd. 2025-09-12

Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
  • Honeywell Pm43

    HW
    Honeywell
    wszystkie wersje
  • Honeywell Pm43 Firmware

    OS
    Honeywell
    < p10.19.050004
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-3710CRITICAL9.9ten sam produkt

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Com...

CVE-2023-3712MEDIUM6.6ten sam produkt

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer we...

CVE-2026-3611CRITICAL10.0PL ✓ten sam vendor

Honeywell IQ4x — brak uwierzytelnienia w fabrycznym HMI (CWE-306)

CVE-2025-2605CRITICAL9.9PL ✓ten sam vendor

OS Command Injection w Honeywell MB-Secure i MB-Secure PRO (privilege abuse)

CVE-2024-2421CRITICAL9.3PL ✓ten sam vendor

Nieuwierzytelniony RCE w Honeywell LenelS2 NetBox (command injection)