CVE-2019-18228

Published: Oct 31, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service.

Affected (25)

Products: Honeywell: H2w2pc1m Firmware, H2w2per3 Firmware, H2w4per3 Firmware, H4w2per2 Firmware, H4w2per3 Firmware, H4w4per2 Firmware, H4w4per3 Firmware, H4w8pr2 Firmware, Hbd2per1 Firmware, Hbw2per1 Firmware, Hbw2per2 Firmware, Hbw4per1 Firmware, Hbw4per2 Firmware, Hbw4pgr1 Firmware, Hbw8pr2 Firmware, Hed2per3 Firmware, Hew2per2 Firmware, Hew2per3 Firmware, Hew4per3 Firmware, Hew4per3b Firmware, Hew4per2b Firmware, Hdzp252di Firmware, Hdzp304di Firmware, Hpw2p1 Firmware, H2w2gr1 Firmware

25 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell H2w2pc1m Firmware	All versions

Running on/with	Platform Versions
Honeywell H2w2pc1m	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell H2w2per3 Firmware	All versions

Running on/with	Platform Versions
Honeywell H2w2per3	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell H2w4per3 Firmware	All versions

Running on/with	Platform Versions
Honeywell H2w4per3	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell H4w2per2 Firmware	All versions

Running on/with	Platform Versions
Honeywell H4w2per2	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell H4w2per3 Firmware	All versions

Running on/with	Platform Versions
Honeywell H4w2per3	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell H4w4per2 Firmware	All versions

Running on/with	Platform Versions
Honeywell H4w4per2	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell H4w4per3 Firmware	All versions

Running on/with	Platform Versions
Honeywell H4w4per3	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell H4w8pr2 Firmware	All versions

Running on/with	Platform Versions
Honeywell H4w8pr2	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hbd2per1 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hbd2per1	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hbw2per1 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hbw2per1	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hbw2per2 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hbw2per2	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hbw4per1 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hbw4per1	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hbw4per2 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hbw4per2	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hbw4pgr1 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hbw4pgr1	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hbw8pr2 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hbw8pr2	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hed2per3 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hed2per3	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hew2per2 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hew2per2	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hew2per3 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hew2per3	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hew4per3 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hew4per3	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hew4per3b Firmware	All versions

Running on/with	Platform Versions
Honeywell Hew4per3b	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hew4per2b Firmware	All versions

Running on/with	Platform Versions
Honeywell Hew4per2b	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hdzp252di Firmware	All versions

Running on/with	Platform Versions
Honeywell Hdzp252di	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hdzp304di Firmware	All versions

Running on/with	Platform Versions
Honeywell Hdzp304di	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell Hpw2p1 Firmware	All versions

Running on/with	Platform Versions
Honeywell Hpw2p1	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Honeywell H2w2gr1 Firmware	All versions

Running on/with	Platform Versions
Honeywell H2w2gr1	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://www.us-cert.gov/ics/advisories/icsa-19-304-02

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://www.us-cert.gov/ics/advisories/icsa-19-304-02

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.