Vulnerabilities4 min read
Honeywell BMS Controllers Ship With No Authentication by Design
CVE-2026-3611 exposes Honeywell IQ4x building management controllers with CVSS 10 severity. Default configuration allows anyone to create admin accounts.
Marcus ChenMar 19, 2026