CVE-2026-5434

Summary

Honeywell Control Network Module (CNM) contains insertion of sensitive information into an unintended directory. An attacker could exploit this vulnerability through probing system files, potentially resulting in unintended access to protected data.

Affected Software

VendorProductVersion RangeStatus
Honeywell International Inc.Control Network Module (CNM)100.1 <= 110.2affected

Weaknesses

  • CWE-538: CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References