Unrated severityNVD Advisory· Published Sep 8, 2012· Updated Apr 29, 2026

CVE-2012-0254

Description

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS) Enterprise Building Manager R400 and R410.1; and Honeywell Environmental Combustion and Controls (ECC) SymmetrE R410.1 allows remote attackers to execute arbitrary code via unspecified vectors.

Affected products

Honeywell/Enterprise Building Manager2 versions
cpe:2.3:a:honeywell:enterprise_building_manager:r400:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:honeywell:enterprise_building_manager:r400:*:*:*:*:*:*:*
- cpe:2.3:a:honeywell:enterprise_building_manager:r410.1:*:*:*:*:*:*:*
Honeywell/Experion4 versions
cpe:2.3:a:honeywell:experion:r200:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:honeywell:experion:r200:*:*:*:*:*:*:*
- cpe:2.3:a:honeywell:experion:r300:*:*:*:*:*:*:*
- cpe:2.3:a:honeywell:experion:r310:*:*:*:*:*:*:*
- cpe:2.3:a:honeywell:experion:r400.0:*:*:*:*:*:*:*
Honeywell/Symmetre
cpe:2.3:a:honeywell:symmetre:r410.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.us-cert.gov/control_systems/pdf/ICSA-12-150-01.pdfnvdThird Party AdvisoryUS Government Resource
www.honeywellprocess.com/en-US/support/pages/all-notifications.aspxnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000