CVE-2025-2605 – Honeywell MB-Secure OS Command Injection Vulnerability

May 2, 2025

CVE ID : CVE-2025-2605

Published : May 2, 2025, 1:15 p.m. | 3 hours, 13 minutes ago

Description : Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most recent version of this product.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-53121 – Linux Kernel TCP Information Disclosure Vulnerability

Next Article VS klaagt verdachte aan voor ransomware-aanvallen tegen Exchange-servers

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

Anthropic beats OpenAI as the top LLM provider for business – and it’s not even close

I bought Samsung’s Galaxy Watch Ultra 2025 – here’s why I have buyer’s remorse

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

This is Microsoft’s canceled Windows-based Surface Duo — the dual-screen Windows Phone from 2018 that we never got

The details of TC39’s last meeting

The details of TC39’s last meeting

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

Newelle, a ‘Virtual Assistant’ for GNOME, Hits Version 1.0

Newelle, a ‘Virtual Assistant’ for GNOME, Hits Version 1.0

Bustle – visualize D-Bus activity

Radon – computes various metrics from Python code

CVE-2025-2605 – Honeywell MB-Secure OS Command Injection Vulnerability

CVE-2025-6754 – “WordPress SEO Metrics Privilege Escalation”

CVE-2025-7710 – “Brave Conversion Engine WordPress Facebook Authentication Bypass”

CVE-2025-23016: Critical FastCGI Heap Overflow Threatens Embedded Devices, PoC Releases

New postdoctoral fellowship program to accelerate innovation in health care

Managing the growing risk profile of agentic AI and MCP in the enterprise

CVE-2025-7798 – Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System SQL Injection Vulnerability

CVE-2025-7512 – “Modern Bag SQL Injection Vulnerability”

I tested DJI’s latest flagship drone, and it’s straight from the future (with one caveat)

BOND 2025 AI Trends Report Shows AI Ecosystem Growing Faster than Ever with Explosive User and Developer Adoption

Iterator helpers have become Baseline Newly available

CVE-2025-2605 – Honeywell MB-Secure OS Command Injection Vulnerability

Related Posts