Lucene search
HistoryJul 13, 2023 - 11:15 a.m.
CVE-2023-23585
experion server
dos
heap overflow
message handling
security notification
upgrading
versioning
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
23.1%
Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation.
See Honeywell Security Notification for recommendations on upgrading and versioning.
Affected configurations
Node
honeywellexperion_serverRange501.1–501.6hf8
ORhoneywellexperion_serverRange510.1–510.2hf12
ORhoneywellexperion_serverRange511.1–511.5tcu3
ORhoneywellexperion_serverRange520.1–520.1tcu4
ORhoneywellexperion_serverRange520.2–520.2tcu2
Node
honeywellexperion_stationRange501.1–501.6hf8
ORhoneywellexperion_stationRange510.1–510.2hf12
ORhoneywellexperion_stationRange511.1–511.5tcu3
ORhoneywellexperion_stationRange520.1–520.1tcu4
ORhoneywellexperion_stationRange520.2–520.2tcu2
Node
honeywellengineering_stationRange510.1–511.5tcu3
ORhoneywellengineering_stationRange520.1–520.1tcu4
ORhoneywellengineering_stationRange520.2–520.2tcu2
Node
honeywelldirect_stationRange510.1–511.5tcu3
ORhoneywelldirect_stationRange520.1–520.1tcu4
ORhoneywelldirect_stationRange520.2–520.2tcu2
References
Related
cve
cve
CVE-2023-23585
2023-07-13 11:15:08
cvelist
cvelist
CVE-2023-23585 Server DoS due to heap overflow
2023-07-13 10:54:59
prion
prion
Design/Logic Flaw
2023-07-13 11:15:00
ics
ics
Honeywell Experion PKS, LX and PlantCruise
2023-07-13 12:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
23.1%
Related for NVD:CVE-2023-23585