CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-5435

An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 81.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01
https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01

Products affected by CVE-2014-5435

Honeywell » Experion Process Knowledge System » Version: r400

cpe:2.3:a:honeywell:experion_process_knowledge_system:r400
Honeywell » Experion Process Knowledge System » Version: r410

cpe:2.3:a:honeywell:experion_process_knowledge_system:r410
Honeywell » Experion Process Knowledge System » Version: r430

cpe:2.3:a:honeywell:experion_process_knowledge_system:r430

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-5435

Products

Pricing

Contact Us