Honeywell Experion Pks

8 CVEs affecting Honeywell Experion Pks. Latest disclosed: 2022-10-28. Critical: 6, High: 2.

Top CVEs affecting Honeywell Experion Pks
CVESeverityScorePublishedSummary
CVE-2021-38397Critical10.02022-10-28Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbi…
CVE-2014-9186Critical9.82019-04-08A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which c…
CVE-2014-5435Critical9.82019-04-08An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R…
CVE-2014-9189Critical9.82019-03-25Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all v…
CVE-2014-9187Critical9.82019-03-25Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all version…
CVE-2021-38395Critical9.12022-10-28Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attac…
CVE-2021-38399High7.52022-10-28Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized fil…
CVE-2014-5436High7.52019-04-08A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, wh…