Improper storage of sensitive information_CVE-2026-5434

5.9 / 10

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

Honeywell Control
Network Module (CNM) contains
insertion of sensitive information into an unintended directory. An attacker could exploit this vulnerability through probing
system files, potentially resulting in unintended
access to protected data.

Basic Information

ID CVE-2026-5434

Source Honeywell

Published May 21, 2026 at 08:38

Affected Product

Vendor Honeywell International Inc.

Product Control Network Module (CNM)

Version 100.1

Affected Versions Honeywell International Inc. Control Network Module (CNM) 100.1

CWE Classification

CWE-538

References

process.honeywell.com /

{
    "lastseen": "",
    "description": "Honeywell Control\nNetwork Module (CNM)\u00a0contains\ninsertion of sensitive information into an unintended directory. An attacker could exploit this vulnerability through probing\nsystem files, potentially resulting in unintended\naccess to protected data.",
    "published": "2026-05-21T08:38:25.477Z",
    "modified": "2026-05-21T08:38:25.477Z",
    "type": "cve",
    "title": "Improper storage of sensitive information",
    "source": "Honeywell",
    "references": "https://process.honeywell.com/",
    "id": "CVE-2026-5434",
    "bulletinFamily": "",
    "cwe": [
        "CWE-538"
    ],
    "cvelist": null,
    "sourceData": "Honeywell International Inc. Control Network Module (CNM) 100.1",
    "sourceHref": "",
    "cvss": {
        "score": 5.9,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Control Network Module (CNM)",
    "version": "100.1",
    "vendor": "Honeywell International Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}