CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30317
https://notcve.org/view.php?id=CVE-2022-30317
Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access (CDA) EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell Control Data Access (CDA) EpicMo (55565/TCP). The potential impact is: Firmware manipulation, Denial of service. The Honeywell Experion LX Distributed Control System (DCS) utilizes the Control Data Access (CDA) EpicMo protocol (55565/TCP) for device diagnostics and maintenance purposes. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-07 https://www.forescout.com/blog • CWE-306: Missing Authentication for Critical Function •