CNNVD-202601-3391 Information

CNNVD ID

CNNVD-202601-3391

Related CVE

CVE-2021-47866

• CNNVD Published: 2026-01-21

Description (Chinese)

Honeywell WIN-PACK PRO是美国Honeywell公司的一款安防管理平台软件。 Honeywell WIN-PACK PRO 4.8版本存在代码问题漏洞，该漏洞源于GuardTourService存在未加引号的服务路径，可能导致本地用户执行代码并提升系统权限。

Description (English)

Honeywell Win-PACK PRO is a secure management platform software for Honeywell in the United States. Honeywell Win-PACK PRO 4.8 has a code gap, which stems from the existence of unquoted service paths in GuardTourService, which may lead to local users implementing codes and enhancing system privileges.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

霍尼韦尔

Published

2026-01-21

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/49690 https://www.security.honeywell.com/product-repository/winpak https://www.vulncheck.com/advisories/win-pack-pro-guardtourservice-unquoted-service-path