Honeywell Security Notification: Upgrade and Versioning Recommendations for Server Hostname Translation to IP Address Manipulation Vulnerability
CVE-2023-5403

8.1 HIGH

Key Information:

Vendor: Honeywell

CVE Published: 17 April 2024

What is CVE-2023-5403?

A vulnerability has been identified in Honeywell products that allows manipulation of the translation of server hostnames to IP addresses. Exploiting this vulnerability can enable an attacker to execute arbitrary code remotely or trigger a service failure. It is critical for users to review the impacted versions of Honeywell products and apply the recommended security patches and updates to mitigate the risk. For more information on securing your systems, refer to the security notifications provided by Honeywell.

Affected Version(s)

Experion Server Experion LX 520.2 <= 520.2 TCU4

Experion Server Experion LX 511.1 <= 511.5 TCU4 HF3

Experion Server Experion LX 520.1 <= 520.1 TCU4

CVSS V3.1

Score: 8.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
