Missing Authentication Vulnerability in Honeywell Handheld Scanners
CVE-2026-4272

8.1HIGH

Key Information:

Vendor: Honeywell
Status: Barcode Scanners
Vendor: CVE Published:; 5 April 2026

What is CVE-2026-4272?

A vulnerability in Honeywell Handheld Scanners could allow an attacker, within Bluetooth range of the scanner's base station, to execute system commands on the connected host without authentication. This poses a significant security risk, enabling remote unauthorized access and manipulation of the system. Users are advised to upgrade to the latest firmware version to mitigate this vulnerability.

Affected Version(s)

Barcode Scanners C1 Base(Ingenic x1000)

Barcode Scanners D1 Base(Ingenic x1600)

Barcode Scanners A1/B1 Base(IMX25)

References

https://https://nvd.nist.gov/vuln/detail/CVE-2026-4272

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 5, 2026
Vulnerability Reserved
Mar 16, 2026

Credit

Kaspersky

Haidar Kabibo

CVE-2026-4272 Data

JSON