All news with #honeywell tag

Thu, September 4, 2025

CISA Issues Five ICS Advisories on Critical Vulnerabilities

#Security Advisory #CISA #Industrial Control Systems #Honeywell #Mitsubishi Electric #Delta Electronics #ICONICS #ABB

⚠ CISA released five Industrial Control Systems (ICS) advisories on September 4, 2025, detailing vulnerabilities, impacts, and recommended mitigations for multiple OT products and protocols. The advisories address Honeywell OneWireless WDM, Mitsubishi Electric/ICONICS products, Delta Electronics COMMGR, Honeywell Experion PKS, and the End-of-Train/Head-of-Train Remote Linking Protocol. Several notices are updates (A/B) that include revised technical analysis and vendor-supplied mitigations. Administrators are urged to review the advisories promptly and apply recommended controls.

Thu, September 4, 2025

Honeywell OneWireless WDM Vulnerabilities and Patch Advisory

#Security Advisory #Patch #Honeywell #OneWireless WDM #RCE #Integer Underflow

⚠️ Honeywell's OneWireless Wireless Device Manager (WDM) contains multiple high‑severity vulnerabilities in the Control Data Access (CDA) component — including buffer overread, sensitive resource reuse, integer underflow, and wrong handler deployment (CVE‑2025‑2521, CVE‑2025‑2522, CVE‑2025‑2523, CVE‑2025‑3946). These issues can enable information disclosure, denial of service, or remote code execution. Honeywell advises updating affected WDM releases to R322.5 or R331.1; CISA recommends minimizing network exposure and isolating control networks to reduce exploitation risk.