CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
33.9%
Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(501612);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/04");
script_cve_id("CVE-2023-26597");
script_xref(name:"ICSA", value:"23-194-06");
script_name(english:"Honeywell Experion PKS, LX and PlantCruise Uncontrolled Resource Consumption (CVE-2023-26597)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Controller DoS due to buffer overflow in the handling of a specially
crafted message received by the controller.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://process.honeywell.com");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-23-194-06");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Honeywell recommends users upgrade Experion Platforms to version R520.2. Download information includes the following:
- Product: Experion PKS, LX, & PlantCruise
- Version: R520.2
- For instructions on this process:
- Go to the Honeywell Website and sign in.
- Select âSupportâ at the top of the web page.
- Select âProduct Documents & Downloads.â
- In the given search box, search for: âExperion PKS R520.2â, âExperion LX R520.2â or âExperion PlantCruise R520.2â
and select the hyperlink for the given Experion platform.
Honeywell advises users to follow security best practices for Experion platform environments to ensure access is limited
to authorized users only. Users should ensure the backup files are maintained in a network location or physical drive
with access limited to authorized users only and should not share them.
Honeywell Security Notifications are available on the Honeywell website. For access, users should visit the Honeywell
website and sign in, select the search icon at the top of the web page, and search for âSN2023-06-22â.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-26597");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(787);
script_set_attribute(attribute:"vuln_publication_date", value:"2023/07/13");
script_set_attribute(attribute:"patch_publication_date", value:"2023/07/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/09/05");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:honeywell:c300_firmware:501");
script_set_attribute(attribute:"cpe", value:"cpe:/o:honeywell:c300_firmware:510");
script_set_attribute(attribute:"cpe", value:"cpe:/o:honeywell:c300_firmware:511");
script_set_attribute(attribute:"cpe", value:"cpe:/o:honeywell:c300_firmware:520");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Honeywell");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Honeywell');
var asset = tenable_ot::assets::get(vendor:'Honeywell');
var vuln_cpes = {
"cpe:/o:honeywell:c300_firmware:501" :
{"versionEndIncluding" : "501.6hf8", "versionStartIncluding" : "501.1", "family" : "HoneywellExperion"},
"cpe:/o:honeywell:c300_firmware:510" :
{"versionEndIncluding" : "510.2hf12", "versionStartIncluding" : "510.1", "family" : "HoneywellExperion"},
"cpe:/o:honeywell:c300_firmware:511" :
{"versionEndIncluding" : "511.5tcu3", "versionStartIncluding" : "511.1", "family" : "HoneywellExperion"},
"cpe:/o:honeywell:c300_firmware:520" :
{"versionEndIncluding" : "520.1tcu4", "versionStartIncluding" : "520.1", "family" : "HoneywellExperion"},
"cpe:/o:honeywell:c300_firmware:520" :
{"versionEndIncluding" : "520.2tcu2", "versionStartIncluding" : "520.2", "family" : "HoneywellExperion"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
33.9%