An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.
References
Link | Resource |
---|---|
https://process.honeywell.com | Product |
https://www.honeywell.com/us/en/product-security | Not Applicable |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
08 Feb 2024, 17:18
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-22 | |
First Time |
Honeywell controledge Virtual Unit Operations Controller
Honeywell Honeywell controledge Unit Operations Controller Firmware Honeywell controledge Virtual Unit Operations Controller Firmware Honeywell controledge Unit Operations Controller |
|
CPE | cpe:2.3:o:honeywell:controledge_virtual_unit_operations_controller_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:honeywell:controledge_virtual_unit_operations_controller:-:*:*:*:*:*:*:* cpe:2.3:h:honeywell:controledge_unit_operations_controller:-:*:*:*:*:*:*:* cpe:2.3:o:honeywell:controledge_unit_operations_controller_firmware:-:*:*:*:*:*:*:* |
|
References | () https://process.honeywell.com - Product | |
References | () https://www.honeywell.com/us/en/product-security - Not Applicable |
31 Jan 2024, 19:54
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-31 18:15
Updated : 2024-02-08 17:18
NVD link : CVE-2023-5390
Mitre link : CVE-2023-5390
CVE.ORG link : CVE-2023-5390
JSON object : View
Products Affected
honeywell
- controledge_virtual_unit_operations_controller
- controledge_unit_operations_controller_firmware
- controledge_virtual_unit_operations_controller_firmware
- controledge_unit_operations_controller