CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30244
https://notcve.org/view.php?id=CVE-2022-30244
15 Jul 2022 — Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller's function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. ... • https://blog.scadafence.com • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30243
https://notcve.org/view.php?id=CVE-2022-30243
15 Jul 2022 — Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller's function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. Honeywell Aler... • https://blog.scadafence.com • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30242
https://notcve.org/view.php?id=CVE-2022-30242
15 Jul 2022 — Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller's function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configurat... • https://blog.scadafence.com •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1261 – Matrikon OPC Server Improper Access Control
https://notcve.org/view.php?id=CVE-2022-1261
26 May 2022 — Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges. Matrikon, una filial de Honeywell Matrikon OPC Server (todas las versiones) es vulnerable a una condición en la que un usuario poco privilegiado puede conectarse al servidor OPC para usar las funciones del IPersisFile para ejecutar procesos... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-02 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-39363
https://notcve.org/view.php?id=CVE-2021-39363
24 Feb 2022 — Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack after ARP cache poisoning has been achieved. Los dispositivos Honeywell HDZP252DI versión 1.00.HW02.4 y HBW2PER1 versión 1.000.HW01.3, permiten un ataque de repetición de vídeo tras el envenenamiento de la caché ARP • https://buildings.honeywell.com/content/dam/hbtbt/en/documents/downloads/Security_Notification_SN_2022-01-26-01_CVE-2021-39363_Command_Injection_HDZP252DI.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-39364
https://notcve.org/view.php?id=CVE-2021-39364
24 Feb 2022 — Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for camera control) after ARP cache poisoning has been achieved. Los dispositivos Honeywell HDZP252DI versión 1.00.HW02.4 y HBW2PER1 versión 1.000.HW01.3, permiten una suplantación de comandos (para el control de la cámara) tras el envenenamiento de la caché ARP • https://buildings.honeywell.com/content/dam/hbtbt/en/documents/downloads/Security_Notification_SN_2022-01-26-02_CVE-2021-39364_Video_Replay_HBW2PER1.pdf • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27295
https://notcve.org/view.php?id=CVE-2020-27295
26 Jan 2021 — The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). El producto afectado tiene problemas de consumo incontrolado de recursos, lo que puede permitir a un atacante provocar una condición de denegación de servicio en el tunelador OPC UA (versiones anteriores a la 6.3.0.8233) • https://us-cert.cisa.gov/ics/advisories/icsa-21-021-03 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27297
https://notcve.org/view.php?id=CVE-2020-27297
26 Jan 2021 — The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC UA Tunneller (versions prior to 6.3.0.8233). El producto afectado es vulnerable a un desbordamiento del búfer en la región heap de la memoria, que puede permitir a un atacante manipular la memoria con valores controlados y ejecutar código remotamente en el OPC UA Tunneller (versiones anteriores a 6.3.0.8233) • https://us-cert.cisa.gov/ics/advisories/icsa-21-021-03 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27299
https://notcve.org/view.php?id=CVE-2020-27299
26 Jan 2021 — The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233). El producto afectado es vulnerable a una lectura fuera de límites, lo que puede permitir a un atacante obtener y divulgar información confidencial o causar el bloqueo del dispositivo en el OPC UA Tunneller (versiones anteriores a 6.3.0.8233) • https://us-cert.cisa.gov/ics/advisories/icsa-21-021-03 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27274
https://notcve.org/view.php?id=CVE-2020-27274
26 Jan 2021 — Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). Algunas funciones de análisis en el producto afectado no comprueban el valor de retorno de malloc y el subproceso que maneja el mensaje está obligado a cerrarse, lo que puede conllevar a una condición de denegación de servicio en el OPC UA Tunneller (versiones ante... • https://us-cert.cisa.gov/ics/advisories/icsa-21-021-03 • CWE-754: Improper Check for Unusual or Exceptional Conditions •