Summary
Honeywell IQ4x BMS controllers contain a maximum severity critical vulnerability (CVE-2026-3611) that allows unauthenticated attackers to create administrative accounts and take full control of building management systems.
Take Action:
If you are using Honeywell IQ4x Building Management System (or any BMS), make sure it's isolated from the internet and accessible only from trusted networks. Then reach out to Honeywell for updates. Don't wait to isolate your systems. This is maximum severity flaw, and it will be exploited very soon.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)