CVE-2023-3711
published 2023-09-12CVE-2023-3711: Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This…
PriorityP346high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
0.87%
54.3th percentile
Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| honeywell | pm23_43 | < P10.19.050004 | P10.19.050004 |
| honeywell | pm42 | < T10.19.050004 | T10.19.050004 |
| honeywell | pm42 | < L10.19.050004 | L10.19.050004 |
| honeywell | pm43_firmware | < p10.19.050004 | p10.19.050004 |
| honeywell | pm45 | < J10.19.050004 | J10.19.050004 |
| honeywell | px45_65 | < B10.19.050004 | B10.19.050004 |
| honeywell | px4ie_6ie | < A10.19.050004 | A10.19.050004 |
| honeywell | px940 | < H10.19.050004 | H10.19.050004 |
| honeywell | rp2f_rp4f | < M10.19.050006 | M10.19.050006 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004Ahttps://www.honeywell.com/us/en/product-securityhttps://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwaresignedP1019050004https://hsmftp.honeywell.com:443/en/Software/Printers/Industrial/PM23-PM23c-PM43-PM43c/Current/Firmware/firmwarexasignedP1019050004Ahttps://www.honeywell.com/us/en/product-security
2023-09-12
Published