Controller Denial of Service Vulnerability Affects Honeywell Security
CVE-2023-5407

5.9MEDIUM

Key Information:

Vendor

Honeywell

Status
C300
Vendor
CVE Published:
17 April 2024

What is CVE-2023-5407?

Controller denial of service due to improper handling of a specially crafted message received by the controller.

See Honeywell Security Notification for recommendations on upgrading and versioning.

Affected Version(s)

C300 Experion LX 520.2 <= 520.2 TCU4

C300 Experion LX 511.1 <= 511.5 TCU4 HF3

C300 Experion LX 520.1 <= 520.1 TCU4

References

https://process.honeywell.com

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.