CVE-2023-3712

CVSS V2 None CVSS V3 None

Description

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).

Overview

CVE ID
CVE-2023-3712

Assigner
Honeywell

Vulnerability Status
PUBLISHED

Published Version
2023-09-12T19:59:00.396Z

Last Modified Date
2023-09-12T19:59:00.396Z

Weakness Enumerations

CWE	URL
CWE-552	http://cwe.mitre.org/data/definitions/552.html

References

Reference URL	Reference Tags
https://www.honeywell.com/us/en/product-security
https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004
https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004A

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-3712
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3712

History

Created	Old Value	New Value	Data Type	Notes
2024-06-24 20:28:00				Added to TrackCVE