6 matches found
Honeywell Experion PKS C200, C200E, C300, ACE Path Traversal Vulnerability (deprecated)
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Race condition
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition...
CVE-2021-38397
CVE-2021-38397 affects Honeywell Experion PKS: C200, C200E, C300, and ACE controllers. Root cause is unrestricted file uploads (insufficient input validation) allowing remote code execution and DoS. Impact is high: potential remote compromise of ICS assets. Remediation varies: Honeywell has added...
PT-2021-4327 · Honeywell · Honeywell Experion Pks
Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS versions C200, C200E, C300, and ACE Description: The issue is related to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. This could...
Vulnerabilities discovered in Honeywell Experion
Honeywell reports having found three vulnerabilities in Experion Process Knowledge System PKS C200, C200E, C300 and ACE Controllers. An unauthenticated malicious person could potentially exploit them to cause a denial-of-service, the execute arbitrary code on the vulnerable system or to gain acce...
Honeywell C200E Controller Module
Binary data 764873.prm...