C300 Firmware Security Vulnerabilities and Issues — C300 Firmware CVE List

Lucene search

HoneywellC300 Firmware

4 matches found

CVE•added 2022/10/28 2:15 a.m.•82 views

CVE-2021-38395

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.

9.8CVSS9.6AI score0.00141EPSS

CVE•added 2023/07/13 11:15 a.m.•77 views

CVE-2023-25178

Controller may be loaded with malicious firmware which could enable remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning.

9.8CVSS9.8AI score0.00892EPSS

CVE•added 2023/07/13 11:15 a.m.•66 views

CVE-2023-24480

Controller DoS due to stack overflow when decoding a message from the server. See Honeywell Security Notification for recommendations on upgrading and versioning.

9.8CVSS8.8AI score0.0003EPSS

CVE•added 2023/07/13 11:15 a.m.•63 views

CVE-2023-25770

Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning.

9.8CVSS8.9AI score0.00054EPSS