CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-5436

A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.4%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01
https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01

Products affected by CVE-2014-5436

Honeywell » Experion Process Knowledge System » Version: r400

cpe:2.3:a:honeywell:experion_process_knowledge_system:r400
Honeywell » Experion Process Knowledge System » Version: r410

cpe:2.3:a:honeywell:experion_process_knowledge_system:r410
Honeywell » Experion Process Knowledge System » Version: r430

cpe:2.3:a:honeywell:experion_process_knowledge_system:r430

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-5436

Products

Pricing

Contact Us