Stack-based Buffer Overflow Vulnerabilities in Honeywell Experion PKS
CVE-2014-9189

9.8CRITICAL

Key Information:

Vendor: Honeywell
Status: Experion Pks
Vendor: CVE Published:; 25 March 2019

What is CVE-2014-9189?

Multiple stack-based buffer overflow vulnerabilities have been identified in various versions of Honeywell Experion PKS, which pose significant risks including remote code execution, dynamic memory corruption, and potential denial of service. Users of all versions prior to R400.6, R410.6, and R430.2 are strongly advised to upgrade to supported versions to mitigate these risks and safeguard their systems.

Affected Version(s)

Experion PKS R40x prior to R400.6

Experion PKS R41x prior to R410.6

Experion PKS R43x prior to R430.2

References

https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 25, 2019
Vulnerability Reserved
Dec 2, 2014