CISA issued an advisory this Tuesday regarding critical vulnerabilities in Honeywell products. If exploited, they could lead to remote code execution (RCE) and denial-of-service (DoS) attacks. The flaws affect the Honeywell Experion Process Knowledge System (PKS) C200, C200E and C300 versions, as well as ACE controllers.
Honeywell Critical Vulnerabilities: More Details
According to a report published by the two mentioned experts, the CVEs are:
It has a score of 10.0, and products affected by this unrestricted file upload flaw might be compromised with RCE and DoS.
This is related to incorrect output neutralization of special components, which can also lead to remote code execution and denial of service.
A relative path traversal is what makes the impacted devices vulnerable. Through successful exploitation, cybercriminals could illicitly access files and directories.
The researchers also shared more details on how an attack might happen:
In the case of the Experion PKS, Team82 found that it is possible to mimic the download code procedure and use these requests to upload arbitrary DLL/ELF files (for simulators and controllers, respectively). The