CVE-2026-5433

CRITICAL CVSS 9.1 View on NVD ↗

Description

Honeywell Control Network Module (CNM) contains command injection vulnerability in the web interface. An attacker could exploit this vulnerability via command delimiters, potentially resulting in Remote Code Execution (RCE).

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References

https://process.honeywell.com/

Published: May 21, 2026 09:16 UTC Modified: May 21, 2026 15:26 UTC