Honeywell Experion Process Knowledge System vulnerabilities
6 known vulnerabilities affecting honeywell/experion_process_knowledge_system.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH1LOW1
Vulnerabilities
Page 1 of 1
CVE-2014-9189P2CRITICALCVSS 9.8≥ r400, < r400.6≥ r410, < r410.6+1 more2019-03-25
CVE-2014-9189 [CRITICAL] CWE-121 CVE-2014-9189: Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versio
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers r
nvd
CVE-2014-9187P3CRITICALCVSS 9.8≥ r400, < r400.6≥ r410, < r410.6+1 more2019-03-25
CVE-2014-9187 [CRITICAL] CWE-122 CVE-2014-9187: Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions pri
Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of E
nvd
CVE-2014-5435P3CRITICALCVSS 9.8≥ r400, < r400.6≥ r410, < r410.6+1 more2019-04-08
CVE-2014-5435 [CRITICAL] CWE-123 CVE-2014-5435: An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PK
An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to
nvd
CVE-2014-9186P3CRITICALCVSS 9.8≥ r400, < r400.6≥ r410, < r410.6+1 more2019-04-08
CVE-2014-9186 [CRITICAL] CWE-98 CVE-2014-9186: A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before
A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code execution. Honeywell strongly encourages and recommends all customers running unsu
nvd
CVE-2014-5436P3HIGHCVSS 7.5≥ r400, < r400.6≥ r410, < r410.6+1 more2019-04-08
CVE-2014-5436 [HIGH] CWE-22 CVE-2014-5436: A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x be
A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
nvd
CVE-2016-8344P4LOWCVSS 3.7≤ 311v410+3 more2017-02-13
CVE-2016-8344 [LOW] CWE-20 CVE-2016-8344: An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS,
An issue was discovered in Honeywell Experion Process Knowledge System (PKS) platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release 430, and Experion PKS, Release 431. Experion PKS does not properly validate input. By sending a specially crafted packet, an attacker could cause the process
nvd