CVE-2023-25770

🗓️ 13 Jul 2023 10:59:58Reported by HoneywellType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 70 Views

Controller DoS due to buffer overflow from specially crafted message

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2023-25770	13 Jul 202314:52	–	circl
CNNVD	Honeywell Products 代码问题漏洞	13 Jul 202300:00	–	cnnvd
Cvelist	CVE-2023-25770 Controller stack overflow on decoding messages from the server	13 Jul 202310:59	–	cvelist
EUVD	EUVD-2023-29667	3 Oct 202520:07	–	euvd
ICS	Honeywell Experion PKS, LX and PlantCruise	13 Jul 202300:00	–	ics
NVD	CVE-2023-25770	13 Jul 202311:15	–	nvd
OSV	CVE-2023-25770	13 Jul 202311:15	–	osv
Prion	Buffer overflow	13 Jul 202311:15	–	prion
Positive Technologies	PT-2023-3879 · Honeywell · Honeywell Experion Pks +2	13 Jul 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-25770	9 Jan 202609:01	–	redhatcve

NVD

Node

honeywell c300_firmwareRange501.1–501.6hf8

honeywell c300_firmwareRange510.1–510.2hf12

honeywell c300_firmwareRange511.1–511.5tcu3

honeywell c300_firmwareRange520.1–520.1tcu4

honeywell c300_firmwareRange520.2–520.2tcu2

AND

honeywell c300Match-

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "C300",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "501.6HF8",
        "status": "affected",
        "version": "501.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "510.2HF12",
        "status": "affected",
        "version": "510.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "511.5TCU3",
        "status": "affected",
        "version": "511.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "520.1TCU4",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "520.2TCU2",
        "status": "affected",
        "version": "520.2",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion LX",
      "Experion PlantCruise"
    ],
    "product": "C300",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "511.5TCU3",
        "status": "affected",
        "version": "510.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "520.1TCU4",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "520.2TCU2",
        "status": "affected",
        "version": "520.2",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
process	www.process.honeywell.com/

21 Nov 2024 07:50Current

8.9High risk

Vulners AI Score8.9

CVSS 3.17.5 - 9.8

EPSS0.00072

SSVC

CWE-502