What is CVE-2025-3947?

CVE-2025-3947 is a high-severity vulnerability in Honeywell C200e, classified under Integer Underflow. CVSS score: 8.2/10. Published 2025-07-10.

How severe is CVE-2025-3947?

High severity. CVSS v3 base score is 8.2 out of 10.

Integer overflow in Honeywell C200e

CVE-2025-3947

The Honeywell Experion PKS contains an Integer Underflow vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to Input Data Manipulation, which could result in im…

EPSS: 0.004 (59.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H.

Affected products

Honeywell C200e — versions 520.1, 530
Honeywell C300 Pcnt02 — versions 520.1, 530
Honeywell C300 Pcnt05 — versions 520.1, 530
Honeywell C300pm — versions 520.1, 530
Honeywell Cn100 — versions 520.1, 530
Honeywell Fim4 — versions 520.1, 530
Honeywell Fim8 — versions 520.1, 530
Honeywell Hca — versions 520.1, 530
Honeywell Uoc — versions 520.1, 530

Weakness classification (CWE)

CWE-191 — Integer Underflow

References

process.honeywell.com/

Frequently asked questions

What is CVE-2025-3947?: CVE-2025-3947 is a high-severity vulnerability in Honeywell C200e, classified under Integer Underflow. CVSS score: 8.2/10. Published 2025-07-10.
How severe is CVE-2025-3947?: High severity. CVSS v3 base score is 8.2 out of 10.