CVE-2014-9189

2019-03-2519:10:47

CWE-121

icscert

www.cve.org

10 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.1%

JSON

Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.

CNA Affected

[
  {
    "product": "Experion PKS",
    "vendor": "Honeywell",
    "versions": [
      {
        "status": "affected",
        "version": "R40x prior to R400.6"
      },
      {
        "status": "affected",
        "version": "R41x prior to R410.6"
      },
      {
        "status": "affected",
        "version": "R43x prior to R430.2"
      }
    ]
  }
]

References

ics-cert.us-cert.gov/advisories/ICSA-14-352-01