Honeywell Experion Pks
8 CVEs affecting Honeywell Experion Pks. Latest disclosed: 2022-10-28. Critical: 6, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-38397 | Critical | 10.0 | 2022-10-28 | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbi… |
CVE-2014-9186 | Critical | 9.8 | 2019-04-08 | A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which c… |
CVE-2014-5435 | Critical | 9.8 | 2019-04-08 | An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R… |
CVE-2014-9189 | Critical | 9.8 | 2019-03-25 | Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all v… |
CVE-2014-9187 | Critical | 9.8 | 2019-03-25 | Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all version… |
CVE-2021-38395 | Critical | 9.1 | 2022-10-28 | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attac… |
CVE-2021-38399 | High | 7.5 | 2022-10-28 | Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized fil… |
CVE-2014-5436 | High | 7.5 | 2019-04-08 | A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, wh… |