4 matches found
CVE-2022-30319
Saia Burgess Controls SBC PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls SBC PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus 5050/UDP authentication. The potential impact is:...
CVE-2022-30319
CVE-2022-30319 describes an authentication bypass in Saia Burgess Controls (SBC) PCD using the S-Bus protocol (UDP port 5050) through 2022-05-06. The underlying issue is a MAC/IP whitelist-based access control that can be bypassed by spoofing UDP traffic, since UDP is stateless; an attacker obser...
Honeywell Saia Burgess PG5 PCD
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable on adjacent network/low attack complexity Vendor: Honeywell Equipment: Saia Burgess PG5 PCD Vulnerabilities: Authentication Bypass, Use of a Broken or Risky Cryptographic Algorithm CISA is aware of a public report known as “OT:ICEFALL” that...
Honeywell Saia Burgess PG5 PCD Authentication Bypass Using an Alternate Path or Channel (CVE-2022-30319, CVE-2022-30320)
The device may be vulnerable to flaws related to OT:ICEFALL. These vulnerabilities identify the insecure-by-design nature of OT devices and may not have a clear remediation path. As such, Nessus is unable to test specifically for these vulnerabilities but has identified the device to be one that...