Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/01 12:0 a.m.52 views

Honeywell Experion PKS and ACE Controllers Unrestricted Upload of File with Dangerous Type (CVE-2021-38397)

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. This plugin only works with Tenable.ot. Please visit...

10CVSS7.7AI score0.00875EPSS
Exploits1References3
CVE
CVE
added 2022/10/28 1:21 a.m.89 views

CVE-2021-38397

CVE-2021-38397 affects Honeywell Experion PKS: C200, C200E, C300, and ACE controllers. Root cause is unrestricted file uploads (insufficient input validation) allowing remote code execution and DoS. Impact is high: potential remote compromise of ICS assets. Remediation varies: Honeywell has added...

10CVSS9.7AI score0.00875EPSS
Exploits1References2Affected Software1
Circl
Circl
added 2021/10/06 9:39 a.m.7 views

CVE-2021-38397

creationtimestamp| type| source ---|---|--- 2021-10-06 09:39:48+00:00| seen| https://t.me/thehackernews/1565 2021-10-06 13:10:00+00:00| seen| https://t.me/truesecator/2185 2022-10-28 07:29:04+00:00| seen| https://t.me/cibsecurity/52195...

10CVSS8.9AI score0.00875EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2021/10/06 7:17 a.m.160 views

Multiple Critical Flaws Discovered in Honeywell Experion PKS and ACE Controllers

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday released an advisory regarding multiple security vulnerabilities affecting all versions of Honeywell Experion Process Knowledge System C200, C200E, C300, and ACE controllers that could be exploited to achieve remote code...

1.5AI score0.00875EPSS
Exploits1
ICS
ICS
added 2021/10/05 12:0 a.m.120 views

Honeywell Experion PKS and ACE Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: Experion Process Knowledge System PKS C200, C200E, C300 and ACE Controllers Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Relative Path Traversal, Improper...

10CVSS9.6AI score0.00875EPSS
Exploits1References5
Rows per page
Query Builder