// For flags

CVE-2022-30317

 

Severity Score

9.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access (CDA) EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell Control Data Access (CDA) EpicMo (55565/TCP). The potential impact is: Firmware manipulation, Denial of service. The Honeywell Experion LX Distributed Control System (DCS) utilizes the Control Data Access (CDA) EpicMo protocol (55565/TCP) for device diagnostics and maintenance purposes. This protocol does not have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality. There is no authentication functionality on the protocol in question. An attacker capable of invoking the protocols' functionalities could issue firmware download commands potentially allowing for firmware manipulation and reboot devices causing denial of service.

Honeywell Experion LX versiones hasta 06-05-2022, presenta una autenticación faltante para una función crítica. Según FSCT-2022-0055, se presenta un problema de acceso a datos de control (CDA) del protocolo EpicMo de Honeywell Experion LX con funcionalidad no autenticada. Los componentes afectados se caracterizan como: Honeywell Control Data Access (CDA) EpicMo (55565/TCP). El impacto potencial es: Manipulación del firmware, Denegación de servicio. El Sistema de Control Distribuido (DCS) Experion LX de Honeywell usa el protocolo de Acceso a Datos de Control (CDA) EpicMo (55565/TCP) para fines de diagnóstico y mantenimiento del dispositivo. Este protocolo no presenta ninguna función de autenticación, lo que permite a cualquier atacante capaz de comunicarse con los puertos en cuestión invocar (un subconjunto de) la funcionalidad deseada. El protocolo en cuestión no presenta ninguna funcionalidad de autenticación. Un atacante capaz de invocar las funcionalidades de los protocolos podría emitir comandos de descarga de firmware permitiendo potencialmente la manipulación del firmware y el reinicio de los dispositivos causando una denegación de servicio

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-05-06 CVE Reserved
  • 2022-08-31 CVE Published
  • 2024-03-23 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-306: Missing Authentication for Critical Function
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Honeywell
Search vendor "Honeywell"
Experion Lx Firmware
Search vendor "Honeywell" for product "Experion Lx Firmware"
< r520.1
Search vendor "Honeywell" for product "Experion Lx Firmware" and version " < r520.1"
-
Affected
in Honeywell
Search vendor "Honeywell"
Experion Lx
Search vendor "Honeywell" for product "Experion Lx"
--
Safe