// For flags

CVE-2022-30314

 

Severity Score

4.6
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054).

Honeywell Experion PKS Safety Manager versión 5.02, usa credenciales embebidas. Según FSCT-2022-0052, se presenta un problema de credenciales embebidas de Honeywell Experion PKS Safety Manager. Los componentes afectados son caracterizados como: POLO bootloader. El impacto potencial es: Manipular el firmware. El Safety Manager de Honeywell Experion PKS usa la interfaz serie DCOM-232/485 para la administración del firmware. Cuando arranca, el Safety Manager expone el bootloader Enea POLO por medio de esta interfaz. El acceso a la configuración de arranque es controlada mediante credenciales embebidas en el firmware del Safety Manager. Las credenciales para el cargador de arranque están embebidas en el firmware. Un atacante con acceso a la interfaz serie (ya sea mediante un acceso físico, un EWS comprometido o una puerta de enlace serie-ethernet expuesta) puede usar estas credenciales para controlar el proceso de arranque y manipular la imagen de firmware no autenticada (ver FSCT-2022-0054)

*Credits: N/A
CVSS Scores
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-05-06 CVE Reserved
  • 2022-07-28 CVE Published
  • 2024-02-18 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-798: Use of Hard-coded Credentials
CAPEC
References (2)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Honeywell
Search vendor "Honeywell"
Safety Manager Firmware
Search vendor "Honeywell" for product "Safety Manager Firmware"
< r160.1
Search vendor "Honeywell" for product "Safety Manager Firmware" and version " < r160.1"
-
Affected
in Honeywell
Search vendor "Honeywell"
Safety Manager
Search vendor "Honeywell" for product "Safety Manager"
--
Safe