HIGH🇵🇱 Wersja polska

CVE-2023-22435

CVSS 7.5v3.1pub. 2023-07-13upd. 2024-11-21

Experion server may experience a DoS due to a stack overflow when handling a specially crafted message.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Honeywell Direct Station

    APP
    Honeywell
    520.1 – 520.1tcu4510.1 – 511.5tcu3520.2 – 520.2tcu2
  • Honeywell Engineering Station

    APP
    Honeywell
    520.2 – 520.2tcu2520.1 – 520.1tcu4510.1 – 511.5tcu3
  • Honeywell Experion Server

    APP
    Honeywell
    501.1 – 501.6hf8510.1 – 510.2hf12511.1 – 511.5tcu3520.1 – 520.1tcu4520.2 – 520.2tcu2
  • Honeywell Experion Station

    APP
    Honeywell
    520.2 – 520.2tcu2520.1 – 520.1tcu4511.1 – 511.5tcu3510.1 – 510.2hf12501.1 – 501.6hf8
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-23585CRITICAL9.8ten sam produkt

Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a sp...

CVE-2023-25078CRITICAL9.8ten sam produkt

Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted messag...

CVE-2023-24474HIGH7.5ten sam produkt

Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafte...

CVE-2023-25948HIGH7.5ten sam produkt

Server information leak of configuration data when an error is generated in response to a specially crafted me...

CVE-2026-3611CRITICAL10.0PL ✓ten sam vendor

Honeywell IQ4x — brak uwierzytelnienia w fabrycznym HMI (CWE-306)