CVE-2023-5393

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-5393
Server receiving a malformed message that causes a disconnect to a hostname may causing a stack overflow resulting in possible remote code execution. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.

7.4 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://process.honeywell.com
Configurations

No configuration.

History

24 Apr 2024, 18:15

Type Values Removed Values Added
Summary (en) Server receiving a malformed message that causes a disconnect to a hostname may causing a stack overflow resulting in possible remote code execution. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning. (en) Server receiving a malformed message that causes a disconnect to a hostname may causing a stack overflow resulting in possible remote code execution. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.

12 Apr 2024, 12:44

Type Values Removed Values Added
Summary
  • (es) El servidor que recibe un mensaje con formato incorrecto que provoca una desconexión de un nombre de host puede provocar un desbordamiento de la pila, lo que resulta en una posible ejecución remota de código. Honeywell recomienda actualizar a la versión más reciente del producto. Consulte la Notificación de seguridad de Honeywell para obtener recomendaciones sobre actualización y control de versiones.

11 Apr 2024, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-11 20:15

Updated : 2024-04-24 18:15

NVD link : CVE-2023-5393

Mitre link : CVE-2023-5393

CVE.ORG link : CVE-2023-5393

JSON object : View

Products Affected

No product.

CWE
CWE-130

Improper Handling of Length Parameter Inconsistency