Insufficient Data Authenticity in Honeywell Experion PKS Safety Manager and FSC Controllers
CVE-2022-30315
What is CVE-2022-30315?
The Honeywell Experion PKS Safety Manager and FSC controllers insufficiently verify data authenticity, which can enable remote code execution. The vulnerability arises from the use of the unauthenticated Safety Builder protocol, which allows an attacker to download control logic without authentication. This control logic can be executed on the controller's CPU module, possibly compromising operational integrity. The affected CPU modules lack memory protection and privilege separation, which further amplifies the risk. Confirmed vulnerable versions include Safety Manager R145.1 and R152.2, and all FSC and SM controllers may be impacted. Attackers may manipulate control operations, with capabilities comparable to those seen in the TRITON malware. As mitigation, physical access controls must be strictly managed.