Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_HONEYWELL_CVE-2023-24480.NASL
HistorySep 05, 2023 - 12:00 a.m.

Honeywell Experion PKS, LX and PlantCruise Improper Encoding or Escaping of Output (CVE-2023-24480)

2023-09-0500:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
honeywell
experion
pks
lx
plantcruise
improper encoding
output
cve-2023-24480
dos
stack overflow
tenable.ot
cybersecurity
infrastructure security agency
cisa
upgrade
r520.2
security best practices
notifications
sn2023-06-22

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.8%

JSON

Controller DoS due to stack overflow when decoding a message from the server

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501610);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2023-24480");

  script_name(english:"Honeywell Experion PKS, LX and PlantCruise Improper Encoding or Escaping of Output (CVE-2023-24480)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Controller DoS due to stack overflow when decoding a message from the
server

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://process.honeywell.com");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-23-194-06");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Honeywell recommends users upgrade Experion Platforms to version R520.2. Download information includes the following:

- Product: Experion PKS, LX, & PlantCruise
- Version: R520.2
- For instructions on this process: 
    - Go to the Honeywell Website and sign in.
    - Select “Support” at the top of the web page.
    - Select “Product Documents & Downloads.”
    - In the given search box, search for: “Experion PKS R520.2”, “Experion LX R520.2” or “Experion PlantCruise R520.2”
and select the hyperlink for the given Experion platform.

Honeywell advises users to follow security best practices for Experion platform environments to ensure access is limited
to authorized users only. Users should ensure the backup files are maintained in a network location or physical drive
with access limited to authorized users only and should not share them.

Honeywell Security Notifications are available on the Honeywell website. For access, users should visit the Honeywell
website and sign in, select the search icon at the top of the web page, and search for “SN2023-06-22”.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-24480");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(787);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/07/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/07/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/09/05");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:honeywell:c300_firmware:501");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:honeywell:c300_firmware:510");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:honeywell:c300_firmware:511");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:honeywell:c300_firmware:520");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Honeywell");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Honeywell');

var asset = tenable_ot::assets::get(vendor:'Honeywell');

var vuln_cpes = {
    "cpe:/o:honeywell:c300_firmware:501" :
        {"versionEndIncluding" : "501.6hf8", "versionStartIncluding" : "501.1", "family" : "HoneywellExperion"},
    "cpe:/o:honeywell:c300_firmware:510" :
        {"versionEndIncluding" : "510.2hf12", "versionStartIncluding" : "510.1", "family" : "HoneywellExperion"},
    "cpe:/o:honeywell:c300_firmware:511" :
        {"versionEndIncluding" : "511.5tcu3", "versionStartIncluding" : "511.1", "family" : "HoneywellExperion"},
    "cpe:/o:honeywell:c300_firmware:520" :
        {"versionEndIncluding" : "520.1tcu4", "versionStartIncluding" : "520.1", "family" : "HoneywellExperion"},
    "cpe:/o:honeywell:c300_firmware:520" :
        {"versionEndIncluding" : "520.2tcu2", "versionStartIncluding" : "520.2", "family" : "HoneywellExperion"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
VendorProductVersionCPE
honeywellc300_firmware501cpe:/o:honeywell:c300_firmware:501
honeywellc300_firmware510cpe:/o:honeywell:c300_firmware:510
honeywellc300_firmware511cpe:/o:honeywell:c300_firmware:511
honeywellc300_firmware520cpe:/o:honeywell:c300_firmware:520

Related

prion 1
cve 1
nvd 1
cvelist 1
ics 1
prion
prion
Stack overflow
2023-07-13 11:15:00
cve
cve
CVE-2023-24480
2023-07-13 11:15:08
nvd
nvd
CVE-2023-24480
2023-07-13 11:15:08
cvelist
cvelist
CVE-2023-24480 Controller stack overflow when decoding messages from the server
2023-07-13 10:57:46
ics
ics
Honeywell Experion PKS, LX and PlantCruise
2023-07-13 12:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.8%

JSON
Related for TENABLE_OT_HONEYWELL_CVE-2023-24480.NASL
prion1cve1nvd1cvelist1ics1