CVE-2023-25948 – Server Data type confusion - info leak
https://notcve.org/view.php?id=CVE-2023-25948
Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning. • https://process.honeywell.com • CWE-209: Generation of Error Message Containing Sensitive Information CWE-394: Unexpected Status Code or Return Value •
CVE-2023-25078 – DoS due to heap overflow
https://notcve.org/view.php?id=CVE-2023-25078
Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. See Honeywell Security Notification for recommendations on upgrading and versioning. • https://process.honeywell.com • CWE-787: Out-of-bounds Write •
CVE-2023-24474 – Server deserialization missing boundary checks - heap overflow in communication between server and controller
https://notcve.org/view.php?id=CVE-2023-24474
Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message • https://process.honeywell.com • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2023-23585 – Server DoS due to heap overflow
https://notcve.org/view.php?id=CVE-2023-23585
Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. See Honeywell Security Notification for recommendations on upgrading and versioning. • https://process.honeywell.com • CWE-787: Out-of-bounds Write •
CVE-2023-22435 – Server bad parsing implementation - stack overflow in server::get_db_path_for_driver
https://notcve.org/view.php?id=CVE-2023-22435
Experion server may experience a DoS due to a stack overflow when handling a specially crafted message. • https://process.honeywell.com • CWE-697: Incorrect Comparison CWE-787: Out-of-bounds Write •