Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-0108
HistoryFeb 24, 2013 - 11:48 a.m.

CVE-2013-0108

2013-02-2411:48:21
CWE-94
[email protected]
web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.676 Medium

EPSS

Percentile

98.0%

JSON

An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M) Station R100; and HMIWeb Browser client packages allows remote attackers to execute arbitrary code via a crafted HTML document.

Affected configurations

NVD
Node
honeywellenterprise_buildings_integratorMatchr310
OR
honeywellenterprise_buildings_integratorMatchr400.2
OR
honeywellenterprise_buildings_integratorMatchr410.1
OR
honeywellenterprise_buildings_integratorMatchr410.2
Node
honeywellsymmetreMatchr310
OR
honeywellsymmetreMatchr400.2
OR
honeywellsymmetreMatchr410.1
Node
honeywellcomfortpoint_open_manager_stationMatchr100

Related

packetstorm 1
openvas 1
checkpoint_advisories 1
saint 4
cve 1
zdt 1
threatpost 1
cvelist 1
metasploit 1
nessus 1
seebug 1
prion 1
ics 1
exploitdb 1
packetstorm
packetstorm
Honeywell HSC Remote Deployer ActiveX Remote Code Execution
2013-03-11 00:00:00
openvas
openvas
Microsoft Windows ActiveX Control Multiple Vulnerabilities (2820197)
2013-05-21 00:00:00
checkpoint_advisories
checkpoint_advisories
Honeywell Multiple Products HscRemoteDeploy.dll ActiveX Control Code Execution (CVE-2013-0108)
2013-05-07 00:00:00
saint
saint
Honeywell HscRemoteDeploy.dll ActiveX Control vulnerability
2013-04-19 00:00:00
Honeywell HscRemoteDeploy.dll ActiveX Control vulnerability
2013-04-19 00:00:00
Honeywell HscRemoteDeploy.dll ActiveX Control vulnerability
2013-04-19 00:00:00
cve
cve
CVE-2013-0108
2022-10-03 16:15:03
zdt
zdt
Honeywell HSC Remote Deployer ActiveX Remote Code Execution
2013-03-12 00:00:00
threatpost
threatpost
Metasploit Module Released for Patched Honeywell ICS Vulnerability
2013-03-11 19:01:54
cvelist
cvelist
CVE-2013-0108
2022-10-03 16:15:03
metasploit
metasploit
Honeywell HSC Remote Deployer ActiveX Remote Code Execution
2013-03-11 18:03:59
nessus
nessus
MS KB2820197: Update Rollup for ActiveX Kill Bits
2013-05-15 00:00:00
seebug
seebug
Honeywell HSC Remote Deployer ActiveX Remote Code Execution
2014-07-01 00:00:00
prion
prion
Design/Logic Flaw
2013-02-24 11:48:00
ics
ics
Honeywell EBI, SymmetrE, and ComfortPoint Open Manager Station (Update A)
2018-09-06 12:00:00
exploitdb
exploitdb
Honeywell HSC Remote Deployer - ActiveX Remote Code Execution (Metasploit)
2013-03-13 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.676 Medium

EPSS

Percentile

98.0%

JSON
Related for NVD:CVE-2013-0108
packetstorm1openvas1checkpoint_advisories1saint4cve1zdt1threatpost1cvelist1metasploit1nessus1seebug1prion1ics1exploitdb1