CVE-2023-5878

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Feb 6, 2025

CWE ID 77

Summary

CVE-2023-5878 is a command injection vulnerability affecting Honeywell's OneWireless Wireless Device Manager (WDM) for certain versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, and R330.1. Authenticated attackers can exploit this issue during the firmware update process, potentially injecting malicious commands. The vulnerability could result in significant security implications. Honeywell advises users to update to the latest versions R322.3, R330.2, or the most recent release to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tOCLAo
https://www.cve.org/CVERecord?id=CVE-2023-5878
https://nvd.nist.gov/vuln/detail/CVE-2023-5878

Back to Vulnerability Database

CVE-2023-5878

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations