CVE-2014-9187

2019-03-2519:19:10

CWE-122

icscert

www.cve.org

10 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

JSON

Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.

CNA Affected

[
  {
    "product": "Experion PKS",
    "vendor": "Honeywell",
    "versions": [
      {
        "status": "affected",
        "version": "R40x prior to R400.6"
      },
      {
        "status": "affected",
        "version": "R41x prior to R410.6"
      },
      {
        "status": "affected",
        "version": "R43x prior to R430.2"
      }
    ]
  }
]

References

ics-cert.us-cert.gov/advisories/ICSA-14-352-01