Members of Google’s Android team discovered that some of Honeywell’s Android-based handheld computers are affected by a high severity privilege escalation vulnerability. The vendor has released software updates that should address the flaw.
Honeywell’s handheld computers are advertised as devices that combine the advantages provided by consumer PDAs with high-end industrial mobile computers. These rugged devices run Android or Windows operating systems and they provide a wide range of useful functions and connectivity features, including Wi-Fi, Bluetooth and compatibility with Cisco products. The devices are used worldwide in the commercial facilities, critical manufacturing, energy and healthcare sectors.
According to ICS-CERT, the vulnerability found by Google employees affects 17 handheld computers from Honeywell, including CT60, CN80, CT40, CK75, CN75, CT50, D75e, CN51, and EDA series devices running various versions of Android, from 4.4 through 8.1.
If a malicious application makes its way onto an affected device, it can allow its creators to elevate privileges on the system and gain unauthorized access to sensitive information, including keystrokes, passwords, photos, emails, and business-critical documents.
“A skilled attacker with advanced knowledge of the target system could exploit this vulnerability by creating an application that would successfully bind to the service and gain elevated system privileges,” ICS-CERT said in its advisory.
Register for SecurityWeek’s 2018 ICS Cyber Security Conference
The flaw is tracked as CVE-2018-14825 and it has been assigned a CVSS score of 7.6, which makes it “high severity.” The national CERTs of several countries have published advisories to warn organizations about the vulnerability.
While the security hole has been found by Google’s Android team, Honeywell told SecurityWeek that the issue is specific to its products and it does not impact Android in general.
“Honeywell has identified a potential vulnerability on select versions of our rugged mobile computers and issued a software patch to update these devices.” Eric Krantz, a Honeywell spokesperson, said via email.
ICS-CERT provides a complete list of impacted devices and Android versions, along with the software releases containing a patch. In addition to applying the fixes, Honeywell has advised customers to whitelist trusted applications in an effort to limit the risk of malicious apps getting on devices.
Related: Several Flaws Patched in Honeywell Controllers
Related: Honeywell SMX Protects Industrial Sites From USB Threats
Related: Honeywell to Open Industrial Cyber Security Center Singapore

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- GoAnywhere MFT Users Warned of Zero-Day Exploit
Latest News
- Software Supply Chain Security Firm Lineaje Raises $7 Million
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Vulnerability Provided Access to Toyota Supplier Management Network
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- Linux Variant of Cl0p Ransomware Emerges
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
- Comcast Wants a Slice of the Enterprise Cybersecurity Business
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
