CVE-2025-2521

🗓️ 10 Jul 2025 20:08:04Reported by HoneywellType

Remote code execution risk in Honeywell Experion PKS and OneWireless due to memory buffer vulnerability.

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the Honeywell OneWireless Wireless Device Manager (WDM) and the micro-programming software for Honeywell Experion PKS programmable logic controllers arises from the occurrence of an operation outside the buffer in memory, allowing a intruder to execute arbitrary code.	1 Aug 202500:00	–	bdu_fstec
Circl	CVE-2025-2521	24 Jul 202510:00	–	circl
CNNVD	Honeywell Experion PKS 缓冲区错误漏洞	10 Jul 202500:00	–	cnnvd
Cvelist	CVE-2025-2521 Lack of indexes’ validation against buffer borders leads to remote code execution.	10 Jul 202520:08	–	cvelist
EUVD	EUVD-2025-21067	3 Oct 202520:07	–	euvd
ICS	Honeywell OneWireless Wireless Device Manager (WDM)	4 Aug 202506:00	–	ics
NVD	CVE-2025-2521	10 Jul 202521:15	–	nvd
Positive Technologies	PT-2025-29158 · Honeywell · Cn100 +10	12 Mar 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-2521	12 Jul 202520:28	–	redhatcve
Vulnrichment	CVE-2025-2521 Lack of indexes’ validation against buffer borders leads to remote code execution.	10 Jul 202520:08	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "C300 PCNT02",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU9",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "530 TCU3",
        "status": "affected",
        "version": "530",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "C300 PCNT05",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU9",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "530 TCU3",
        "status": "affected",
        "version": "530",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "FIM4",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU9",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "530 TCU3",
        "status": "affected",
        "version": "530",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "FIM8",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU9",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "530 TCU3",
        "status": "affected",
        "version": "530",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "UOC",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU9",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "530 TCU3",
        "status": "affected",
        "version": "530",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "CN100",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU9",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "530 TCU3",
        "status": "affected",
        "version": "530",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "HCA",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU9",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "530 TCU3",
        "status": "affected",
        "version": "530",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "C300PM",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU9",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "530 TCU3",
        "status": "affected",
        "version": "530",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "C200E",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU9",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "530 TCU3",
        "status": "affected",
        "version": "530",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "OneWireless"
    ],
    "product": "Wireless Device Manager",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "322.4",
        "status": "affected",
        "version": "322.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "330.3",
        "status": "affected",
        "version": "330.1",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
process	www.process.honeywell.com/

17 Jun 2026 09:07Current

7.9High risk

Vulners AI Score7.9

CVSS 3.18.6

EPSS0.00423

SSVC

CWE-119

vulnerability remote code execution honeywell experion pks onewireless memory buffer