Honeywell Experion PKS, LX and PlantCruise Insufficient Verification of Data Authenticity (CVE-2023-25178)

Controller may be loaded with malicious firmware which could enable remote code execution This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid501611;...

CVE-2023-25178

creationtimestamp| type| source ---|---|--- 2023-07-13 14:55:13+00:00| seen| https://t.me/cibsecurity/66650 2023-07-14 15:20:04+00:00| seen| https://t.me/truesecator/4617...

CVE-2023-25178

Controller may be loaded with malicious firmware which could enable remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning...

CVE-2023-25178

Controller may be loaded with malicious firmware which could enable remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning...

CVE-2023-25178

Honeywell Experion PKS, LX, and PlantCruise are affected by CVE-2023-25178 due to insufficient verification of data authenticity (unsigned firmware), which could allow a controller to be loaded with malicious firmware and potentially enable remote code execution. Impact is described as remote cod...