CVE-2023-5389

🗓️ 30 Jan 2024 20:00:50Reported by HoneywellType

Vulnerability in Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the Configuration Handler component in the microprogramming software for Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC allows a perpetrator to execute arbitrary code.	2 Feb 202400:00	–	bdu_fstec
Circl	CVE-2023-5389	30 Jan 202421:31	–	circl
CNNVD	Honeywell UOC Security Vulnerability	30 Jan 202400:00	–	cnnvd
CVE	CVE-2023-5389	30 Jan 202420:00	–	cve
EUVD	EUVD-2023-57704	3 Oct 202520:07	–	euvd
ICS	Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC	25 Apr 202406:00	–	ics
NCSC	Vulnerabilities fixed in Honeywell Experion and Safety Manager	26 Apr 202400:00	–	ncsc
NVD	CVE-2023-5389	30 Jan 202420:15	–	nvd
Prion	Design/Logic Flaw	30 Jan 202420:15	–	prion
Positive Technologies	PT-2024-1408 · Honeywell · Honeywell Experion Controledge Virtualuoc +1	30 Jan 202400:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion PKS"
    ],
    "product": "ControlEdge UOC",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU4",
        "status": "affected",
        "version": "520.2",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "510.2 HF13",
        "status": "affected",
        "version": "510.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "520.1 TCU4",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "511.5 TCU4 HF3",
        "status": "affected",
        "version": "511.1",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Experion LX"
    ],
    "product": "ControlEdge UOC",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU4",
        "status": "affected",
        "version": "520.2",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "511.5 TCU4 HF3",
        "status": "affected",
        "version": "511.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "520.1 TCU4",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "PlantCruise by Experion"
    ],
    "product": "ControlEdge UOC",
    "vendor": "Honeywell",
    "versions": [
      {
        "lessThanOrEqual": "520.2 TCU4",
        "status": "affected",
        "version": "520.2",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "520.1 TCU4",
        "status": "affected",
        "version": "520.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "511.5 TCU4 HF3",
        "status": "affected",
        "version": "520.2 TCU4 HFR2",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
honeywell	www.honeywell.com/us/en/product-security
process	www.process.honeywell.com/

25 Apr 2024 16:54Current

9.3High risk

Vulners AI Score9.3

CVSS 3.19.1

EPSS0.00779

CWE-749