Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/01 12:0 a.m.37 views

Honeywell Experion PKS and ACE Controllers Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2021-38395)

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. This plugin only works with Tenable.ot. Please visit...

9.8CVSS7.7AI score0.00871EPSS
Exploits0References3
CVE
CVE
added 2022/10/28 1:20 a.m.101 views

CVE-2021-38395

The CVE-2021-38395 entry applies to Honeywell Experion PKS C200, C200E, C300 and ACE controllers, where the vulnerability stems from improper neutralization of special elements in output. This condition can allow a remote attacker to execute arbitrary code and trigger a denial-of-service. Publicl...

9.8CVSS9.6AI score0.00871EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2021/10/06 9:39 a.m.8 views

CVE-2021-38395

creationtimestamp| type| source ---|---|--- 2021-10-06 09:39:48+00:00| seen| https://t.me/thehackernews/1565 2021-10-06 13:10:00+00:00| seen| https://t.me/truesecator/2185 2022-10-28 07:28:56+00:00| seen| https://t.me/cibsecurity/52189...

9.8CVSS8.9AI score0.00871EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2021/10/06 7:17 a.m.157 views

Multiple Critical Flaws Discovered in Honeywell Experion PKS and ACE Controllers

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday released an advisory regarding multiple security vulnerabilities affecting all versions of Honeywell Experion Process Knowledge System C200, C200E, C300, and ACE controllers that could be exploited to achieve remote code...

1.5AI score0.00875EPSS
Exploits1
ICS
ICS
added 2021/10/05 12:0 a.m.119 views

Honeywell Experion PKS and ACE Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: Experion Process Knowledge System PKS C200, C200E, C300 and ACE Controllers Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Relative Path Traversal, Improper...

10CVSS9.6AI score0.00875EPSS
Exploits1References5
Rows per page
Query Builder