cbcvebase.
CVE-2023-3712
published 2023-09-12

CVE-2023-3712: Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This…

PriorityP343high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.53%
40.7th percentile
Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).

Affected

9 ranges
VendorProductVersion rangeFixed in
honeywellpm23_43< P10.19.050004P10.19.050004
honeywellpm42< T10.19.050004T10.19.050004
honeywellpm42< L10.19.050004L10.19.050004
honeywellpm43_firmware< p10.19.050004p10.19.050004
honeywellpm45< J10.19.050004J10.19.050004
honeywellpx45_65< B10.19.050004B10.19.050004
honeywellpx4ie_6ie< A10.19.050004A10.19.050004
honeywellpx940< H10.19.050004H10.19.050004
honeywellrp2f_rp4f< M10.19.050006M10.19.050006

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_oracle7.4HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.