Integer Underflow Vulnerability in Honeywell Experion PKS Products
CVE-2025-3947

8.2HIGH

Key Information:

Vendor: Honeywell
Status: C300 Pcnt02; C300 Pcnt05; Fim4; Fim8
Vendor: CVE Published:; 10 July 2025

What is CVE-2025-3947?

The Honeywell Experion PKS system contains an Integer Underflow vulnerability within the Control Data Access (CDA) component. This flaw can be exploited by attackers to manipulate input data, potentially disrupting the proper functioning of integer value checks during subtraction operations. Such disruptions may lead to a denial of service. Honeywell advises users to upgrade to the latest versions of Experion PKS: 520.2 TCU9 HF1 and 530.1 TCU3 HF1 to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

C200E Experion PKS 520.1 <= 520.2 TCU9

C200E Experion PKS 530 <= 530 TCU3

C300 PCNT02 Experion PKS 520.1 <= 520.2 TCU9

References

https://process.honeywell.com/

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 10, 2025
Vulnerability Reserved
Apr 25, 2025

Credit

Positive Technologies

JSON

Honeywell

What is CVE-2025-3947?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.