CVE-2026-13742
Lack of signature verification before execution of downloaded content
Vexday Risk Score
10Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.9EPSS —KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
29 Jun 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, leading to the replacement of downloaded file with a malicious one. Honeywell also recommends updating to the most recent version of this product, service, or offering [V27 SP1, V28 SP1]
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Honeywell Technologies · IQ MultiAccessWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →