CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
93.6%
Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS) Enterprise Building Manager R400 and R410.1; and Honeywell Environmental Combustion and Controls (ECC) SymmetrE R410.1 allows remote attackers to execute arbitrary code via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
honeywell | enterprise_building_manager | r400 | cpe:2.3:a:honeywell:enterprise_building_manager:r400:*:*:*:*:*:*:* |
honeywell | enterprise_building_manager | r410.1 | cpe:2.3:a:honeywell:enterprise_building_manager:r410.1:*:*:*:*:*:*:* |
honeywell | experion | r200 | cpe:2.3:a:honeywell:experion:r200:*:*:*:*:*:*:* |
honeywell | experion | r300 | cpe:2.3:a:honeywell:experion:r300:*:*:*:*:*:*:* |
honeywell | experion | r310 | cpe:2.3:a:honeywell:experion:r310:*:*:*:*:*:*:* |
honeywell | experion | r400.0 | cpe:2.3:a:honeywell:experion:r400.0:*:*:*:*:*:*:* |
honeywell | symmetre | r410.1 | cpe:2.3:a:honeywell:symmetre:r410.1:*:*:*:*:*:*:* |