Experion PKS C200
by Honeywell
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-38397 | 0.00 | — | 0.01 | Oct 28, 2022 | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. | |||
| CVE-2021-38395 | 0.00 | — | 0.01 | Oct 28, 2022 | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. | |||
| CVE-2021-38399 | 0.00 | — | 0.01 | Oct 28, 2022 | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories. | |||
| CVE-2014-5435 | 0.00 | — | 0.03 | Apr 8, 2019 | An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and… | |||
| CVE-2014-5436 | 0.00 | — | 0.03 | Apr 8, 2019 | A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running… | |||
| CVE-2014-9186 | 0.00 | — | 0.04 | Apr 8, 2019 | A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code… | |||
| CVE-2014-9187 | 0.00 | — | 0.04 | Mar 25, 2019 | Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly… | |||
| CVE-2014-9189 | 0.00 | — | 0.05 | Mar 25, 2019 | Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial… |
- CVE-2021-38397Oct 28, 2022risk 0.00cvss —epss 0.01
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.
- CVE-2021-38395Oct 28, 2022risk 0.00cvss —epss 0.01
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.
- CVE-2021-38399Oct 28, 2022risk 0.00cvss —epss 0.01
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories.
- CVE-2014-5435Apr 8, 2019risk 0.00cvss —epss 0.03
An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and…
- CVE-2014-5436Apr 8, 2019risk 0.00cvss —epss 0.03
A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running…
- CVE-2014-9186Apr 8, 2019risk 0.00cvss —epss 0.04
A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code…
- CVE-2014-9187Mar 25, 2019risk 0.00cvss —epss 0.04
Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly…
- CVE-2014-9189Mar 25, 2019risk 0.00cvss —epss 0.05
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial…