2 matches found
CVE-2022-30316
Honeywell Experion PKS Safety Manager 5.02 is affected by CVE-2022-30316 due to Insufficient Verification of Data Authenticity in the firmware update flow. The flaw stems from unauthenticated firmware images and dependencies on insecure checksums, with firmware images unsigned. A serial interface...
Honeywell Safety Manager Missing Authentication For Critical Function (CVE-2022-30313, CVE-2022-30314, CVE-2022-30315, CVE-2022-30316, CVE-2022-30317)
The device may be vulnerable to flaws related to OT:ICEFALL. These vulnerabilities identify the insecure-by-design nature of OT devices and may not have a clear remediation path. As such, Nessus is unable to test specifically for these vulnerabilities but has identified the device to be one that...