CVE-2022-30314
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054).
Honeywell Experion PKS Safety Manager versión 5.02, usa credenciales embebidas. Según FSCT-2022-0052, se presenta un problema de credenciales embebidas de Honeywell Experion PKS Safety Manager. Los componentes afectados son caracterizados como: POLO bootloader. El impacto potencial es: Manipular el firmware. El Safety Manager de Honeywell Experion PKS usa la interfaz serie DCOM-232/485 para la administración del firmware. Cuando arranca, el Safety Manager expone el bootloader Enea POLO por medio de esta interfaz. El acceso a la configuración de arranque es controlada mediante credenciales embebidas en el firmware del Safety Manager. Las credenciales para el cargador de arranque están embebidas en el firmware. Un atacante con acceso a la interfaz serie (ya sea mediante un acceso físico, un EWS comprometido o una puerta de enlace serie-ethernet expuesta) puede usar estas credenciales para controlar el proceso de arranque y manipular la imagen de firmware no autenticada (ver FSCT-2022-0054)
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-05-06 CVE Reserved
- 2022-07-28 CVE Published
- 2024-02-18 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-02 | Mitigation | |
https://www.forescout.com/blog | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Honeywell Search vendor "Honeywell" | Safety Manager Firmware Search vendor "Honeywell" for product "Safety Manager Firmware" | < r160.1 Search vendor "Honeywell" for product "Safety Manager Firmware" and version " < r160.1" | - |
Affected
| in | Honeywell Search vendor "Honeywell" | Safety Manager Search vendor "Honeywell" for product "Safety Manager" | - | - |
Safe
|