CVE-2022-30317

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access CDA EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell...

CVE-2022-30317

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access CDA EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell...

CVE-2022-30317

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access CDA EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell...

Authentication flaw

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access CDA EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell...

CVE-2022-30317

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access CDA EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell...

CVE-2022-30317

Summary (CVE-2022-30317, Honeywell Experion LX) : The vulnerability arises from the EpicMo protocol (55565/TCP) used by the Honeywell Experion LX DCS for device diagnostics/maintenance, which exposes unauthenticated functionality. Affected products include Experion LX up to 2022-05-06. The issue ...

Honeywell Experion LX 访问控制错误漏洞

Honeywell Experion LX is a purpose-built Distributed Control System DCS from Honeywell USA. An access control error vulnerability exists in Honeywell Experion LX that stems from the use of the EpicMo protocol without authentication, which could allow an attacker accessing the protocol over the...

Honeywell Experion LX

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: Experion LX Vulnerability: Missing Authentication for Critical Function CISA is aware of a public report known as “OT:ICEFALL” that details vulnerabilities found in multiple...

The vulnerability of the EpicMo protocol lies in its ability to exploit measurement-and-control controllers from the Experion LX, allowing attackers to cause service failures.

The vulnerability of the EpicMo protocol, which is implemented in measurement and control controllers of the Experion LX, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

PT-2022-3079 · Honeywell · Honeywell Experion Lx

Name of the Vulnerable Software and Affected Versions: Honeywell Experion LX through 2022-05-06 Description: The issue concerns a missing authentication feature in the Honeywell Experion LX Control Data Access CDA EpicMo protocol, which is used for device diagnostics and maintenance purposes. Thi...