Sensitive Information Exposure in Honeywell Control Network Module
CVE-2026-5434

5.9MEDIUM

Key Information:

Vendor: Honeywell International Inc.
Status: Control Network Module (cnm)
Vendor: CVE Published:; 21 May 2026

🔔 Create Honeywell International Inc. Vulnerability Alert

What is CVE-2026-5434?

The Honeywell Control Network Module (CNM) contains a vulnerability that allows for the insertion of sensitive information into an unintended directory. This weakness can be exploited by attackers who probe system files, potentially gaining unauthorized access to protected data. Organizations using the CNM should be advised to assess their security posture and apply any available patches to mitigate this risk.

Affected Version(s)

Control Network Module (CNM) CNM 100.1 <= 110.2

References

https://process.honeywell.com/

patch

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 21, 2026
Vulnerability Reserved
Apr 2, 2026

Credit

Andreas Krämer, BASF Digital Solutions GmbH

Martin Floeck, BASF Digital Solutions GmbH

Stefan Stahl, BASF Digital Solutions GmbH

CVE-2026-5434 Data

JSON