CVE-2014-9189
published 2019-03-25CVE-2014-9189: Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all…
PriorityP261critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
5.23%
91.5th percentile
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| honeywell | experion_pks | — | — |
| honeywell | experion_pks | — | — |
| honeywell | experion_pks | — | — |
| honeywell | experion_process_knowledge_system | >= r400 < r400.6 | r400.6 |
| honeywell | experion_process_knowledge_system | >= r410 < r410.6 | r410.6 |
| honeywell | experion_process_knowledge_system | >= r430 < r430.2 | r430.2 |
| python | pillow | >= 0 < 2.3.0-1ubuntu3.4 | 2.3.0-1ubuntu3.4 |
| python | pillow | >= 0 < 3.1.2-0ubuntu1.1 | 3.1.2-0ubuntu1.1 |
Detection & IOCsextracted from sources · hover to see the quote
- →Alert on unexpected crashes or restarts of confd.exe, hscodbcn.exe, or pscdasrv.exe on Honeywell Experion PKS systems, which may indicate stack-based buffer overflow exploitation attempts. ↗
- →Detect Experion PKS systems exposed directly to the internet or business network; these should be isolated behind firewalls as exploitation is remotely possible with no authentication required. ↗
- ·No known public exploits specifically target these vulnerabilities at time of advisory publication, reducing immediate weaponized exploit risk. ↗
- ·CVE-2014-9189 affects only Experion PKS versions prior to R400.6, R410.6, and R430.2; patched versions are not vulnerable and should be confirmed before deploying detection rules. ↗
- ·Experion PKS R311.2 is also impacted but is end-of-life and unsupported; detection and patching guidance may differ for this legacy version. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Honeywell Experion PKS Vulnerabilities
cisa_ics·2019-04-10
Honeywell Experion PKS Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Honeywell Experion PKS Vulnerabilities
Last RevisedApril 10, 2019
Alert CodeICSA-14-352-01
## OVERVIEW
Alexander Tlyapov, Gleb Gritsai, Kirill Nesterov, Artem Chaykin and Ilya Karpov of the Positive Technologies Research Team and Security Lab have identified vulnerabilities in Honeywell’s Experion Process Knowledge System (EPKS) application. Honeywell has produced several patch updates (R400.6, R410.6 and 430.6) that resolve these vulnerabilities.
These vulnerabilities could be exploited remotely.
## AFFECTED PRODUCTS
The following Honeywell Experion PKS versions are affected
GHSA
GHSA-74pv-2x2q-87g8: Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400
ghsa_unreviewed·2022-05-13
CVE-2014-9189 [CRITICAL] CWE-119 GHSA-74pv-2x2q-87g8: Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
OSV
pillow vulnerabilities
osv·2017-03-13·CVSS 5.0
CVE-2014-9601 pillow vulnerabilities
pillow vulnerabilities
It was discovered that Pillow incorrectly handled certain compressed text
chunks in PNG images. A remote attacker could possibly use this issue to
cause Pillow to crash, resulting in a denial of service. This issue only
affected Ubuntu 14.04 LTS. (CVE-2014-9601)
Cris Neckar discovered that Pillow incorrectly handled certain malformed
images. A remote attacker could use this issue to cause Pillow to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2016-9189)
Cris Neckar discovered that Pillow incorrectly handled certain malformed
images. A remote attacker could use this issue to cause Pillow to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-9190)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-03-25
Published