cbcvebase.
CVE-2023-3711
published 2023-09-12

CVE-2023-3711: Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This…

PriorityP346high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
0.87%
54.3th percentile
Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).

Affected

9 ranges
VendorProductVersion rangeFixed in
honeywellpm23_43< P10.19.050004P10.19.050004
honeywellpm42< T10.19.050004T10.19.050004
honeywellpm42< L10.19.050004L10.19.050004
honeywellpm43_firmware< p10.19.050004p10.19.050004
honeywellpm45< J10.19.050004J10.19.050004
honeywellpx45_65< B10.19.050004B10.19.050004
honeywellpx4ie_6ie< A10.19.050004A10.19.050004
honeywellpx940< H10.19.050004H10.19.050004
honeywellrp2f_rp4f< M10.19.050006M10.19.050006
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.