Honeywell ICS Security Advisories
36 CISA ICS-CERT advisories published for Honeywell industrial control system products. Data updated every 2 hours.
16
Critical
13
High
5
Medium
2
Low
| Severity | CVSS | Advisory | Products | Published |
|---|---|---|---|---|
| CRITICAL | 9.8 |
Honeywell IQ4 Series BMS Controller (Update A)
ICSA-26-069-03 · 1 CVE
|
IQ4E Firmware,
IQ412 Firmware,
IQ422 Firmware
+2 more
|
2026-03-26 |
| CRITICAL | 9.8 |
Honeywell HIB2PI CCTV Camera (Update B)
ICSA-26-048-04 · 1 CVE
|
I-HIB2PI-UL
|
2026-03-12 |
| CRITICAL | 9.4 |
Honeywell Experion PKS (Update A)
ICSA-25-205-03 · 6 CVEs
|
Experion PKS,
Experion PKS
|
2025-08-04 |
| CRITICAL | 9.4 |
Honeywell OneWireless Wireless Device Manager (WDM)
ICSA-25-247-01 · 4 CVEs
|
OneWireless WDM,
OneWireless WDM
|
2025-08-04 |
| HIGH | 7.5 |
Honeywell HMIWeb Browser Buffer Overflow Vulnerability
ICSA-12-150-01 · 1 CVE
|
Process Solutions Experion,
Building Solutions Enterprise Building Manager,
Environmental Combustion & Controls
|
2025-06-17 |
| HIGH | 7.6 |
Honeywell FALCON XLWeb Controllers Vulnerabilities
ICSA-14-175-01 · 2 CVEs
|
FALCON Linux,
FALCON XLWebExe
|
2025-06-09 |
| CRITICAL | 9.4 |
Honeywell Midas Gas Detector Vulnerabilities
ICSA-15-309-02 · 2 CVEs
|
Midas gas detector,
Midas Black
|
2025-06-09 |
| CRITICAL | 9.4 |
Honeywell Experion PKS Directory Traversal Vulnerability
ICSA-15-272-01 · 1 CVE
|
Experion PKS Release
|
2025-06-09 |
| CRITICAL | 9.8 |
Honeywell Experion PKS Vulnerabilities
ICSA-14-352-01 · 5 CVEs
|
Experion PKS R40x,
Experion PKS R41x,
Experion PKS R43x
|
2025-06-06 |
| LOW | 2.1 |
Honeywell HART DTM Vulnerability
ICSA-15-029-01 · 1 CVE
|
Honeywell STT25T HART 5 Transmitter,
Honeywell STT25H HART 5 Transmitter,
Honeywell STT25S HART 5 Transmitter
+5 more
|
2025-06-06 |
| CRITICAL | 10.0 |
Honeywell XL Web Controller Directory Traversal Vulnerability
ICSA-15-076-02 · 1 CVE
|
EXCEL WEB 52 I/O,
EXCEL WEB 52 I/O,
EXCEL WEB 52 I/O
+2 more
|
2025-06-06 |
| MEDIUM | 6.8 |
Honeywell EBI, SymmetrE, and ComfortPoint Open Manager Station
ICSA-13-053-02A · 1 CVE
|
EBI,
SymmetrE,
CPO-M
|
2025-06-06 |
| LOW | 3.7 |
Honeywell Experion PKS Improper Input Validation Vulnerability
ICSA-16-301-01 · 1 CVE
|
Experion PKS,
Experion PKS,
Experion PKS
+2 more
|
2025-06-05 |
| HIGH | 7.5 |
Honeywell Uniformance PHD Denial Of Service (Update A)
ICSA-16-070-02A · 1 CVE
|
Uniformance PHD,
Uniformance PHD,
Uniformance PHD
|
2025-06-05 |
| CRITICAL | 9.1 |
Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC
ICSA-24-116-04 · 16 CVEs
|
Experion PKS,
Experion PKS,
Experion PKS
+13 more
|
2024-04-25 |
| CRITICAL | 9.8 |
Honeywell Experion PKS, LX and PlantCruise
ICSA-23-194-06 · 9 CVEs
|
Experion PKS,
Experion LX,
Experion PlantCruise
|
2023-07-13 |
| CRITICAL | 9.8 |
Honeywell OneWireless Wireless Device Manager
ICSA-23-075-06 · 3 CVEs
|
OneWireless WDM
|
2023-04-03 |
| HIGH | 8.8 |
Honeywell SoftMaster
ICSA-22-256-02 · 2 CVEs
|
SoftMaster
|
2022-09-13 |
| CRITICAL | 9.8 |
Honeywell ControlEdge
ICSA-22-242-06 · 1 CVE
|
ControlEdge
|
2022-08-30 |
| CRITICAL | 9.1 |
Honeywell Experion LX
ICSA-22-242-07 · 1 CVE
|
Experion LX
|
2022-08-30 |
| HIGH | 7.1 |
Honeywell Trend Controls Inter-Controller Protocol
ICSA-22-242-08 · 1 CVE
|
IQ Series Controllers that utilize Inter-Controller (IC) protocol
|
2022-08-30 |
| HIGH | 7.5 |
Honeywell Safety Manager
ICSA-22-207-02 · 4 CVEs
|
Safety Manager,
Safety Manager
|
2022-07-26 |
| HIGH | 7.6 |
Honeywell Saia Burgess PG5 PCD
ICSA-22-207-03 · 2 CVEs
|
Saia Burgess PG5 PCD
|
2022-07-26 |
| CRITICAL | 10.0 |
Honeywell Experion PKS and ACE Controllers
ICSA-21-278-04 · 3 CVEs
|
C200,
C200E,
C300 and ACE controllers
|
2021-10-05 |
| MEDIUM | 5.9 |
Honeywell ControlEdge PLC and RTU
ICSA-20-175-02 · 2 CVEs
|
ControlEdge PLC,
ControlEdge RTU
|
2020-06-23 |
| HIGH | 8.1 |
Honeywell WIN-PAK
ICSA-20-056-05 · 3 CVEs
|
WIN-PAK
|
2020-02-25 |
| CRITICAL | 9.4 |
Honeywell NOTI-FIRE-NET Web Server (NWS-3)
ICSA-20-051-03 · 2 CVEs
|
NOTI-FIRE-NET Web Server (NWS-3)
|
2020-02-20 |
| MEDIUM | 6.6 |
Honeywell INNCOM INNControl 3
ICSA-20-049-01 · 1 CVE
|
INNControl 3
|
2020-02-18 |
| CRITICAL | 9.8 |
ICSA-20-021-01_Honeywell Maxpro VMS & NVR
ICSA-20-021-01 · 2 CVEs
|
MAXPRO NVR SE,
MAXPRO NVR XE,
HNMSWVMS
+3 more
|
2020-01-21 |
| HIGH | 7.5 |
Honeywell equIP Series IP Cameras
ICSA-19-304-02 · 1 CVE
|
H4L2GR1,
HBL2GR1,
HCL2G
+11 more
|
2019-10-31 |
| HIGH | 7.5 |
Honeywell equIP and Performance Series IP Cameras
ICSA-19-304-03 · 1 CVE
|
H2W2GR1,
H3W2GR1,
H3W2GR1V
+46 more
|
2019-10-31 |
| HIGH | 7.5 |
Honeywell equIP and Performance Series IP Cameras and Recorders
ICSA-19-304-04 · 1 CVE
|
H2W2GR1,
H3W2GR1,
H3W2GR1V
+169 more
|
2019-10-31 |
| MEDIUM | 5.3 |
Honeywell IP-AK2
ICSA-19-297-02 · 1 CVE
|
IP-AK2 Access Control Panel
|
2019-10-24 |
| MEDIUM | 5.3 |
Honeywell Performance IP Cameras and Performance NVRs
ICSA-19-260-03 · 1 CVE
|
Performance IP Series cameras,
Performance Series NVRs,
Performance IP Series cameras
+56 more
|
2019-09-17 |
| HIGH | 7.6 |
Honeywell Mobile Computers with Android Operating Systems
ICSA-18-256-01 · 1 CVE
|
CK75 running Android OS,
CT60 running Android OS,
EDA50k running Android OS
+14 more
|
2018-09-13 |
| HIGH | 8.6 |
Honeywell XL Web II Controller Vulnerabilities
ICSA-17-033-01 · 5 CVEs
|
XLWeb 500 XLWebExe,
XL1000C500 XLWebExe
|
2017-02-02 |
Get Honeywell Vulnerability Alerts
Don't check manually — OTWarden emails you when CISA publishes new Honeywell ICS advisories, filtered to your specific equipment.
Start 14-Day Free Trial →