CWE
354 345
Advisory Published
Updated

CVE-2022-30316

First published: Thu Jul 28 2022(Updated: )

Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The potential impact is: Firmware manipulation. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 communication FTA serial interface and Enea POLO bootloader for firmware management purposes. An engineering workstation running the Safety Builder software communicates via serial or serial-over-ethernet link with the DCOM-232/485 interface. Firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. Firmware images are unsigned. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize hardcoded credentials (see FSCT-2022-0052) for the POLO bootloader to control the boot process and push malicious firmware images to the controller allowing for firmware manipulation, remote code execution and denial of service impacts. A mitigating factor is that in order for a firmware update to be initiated, the Safety Manager has to be rebooted which is typically done by means of physical controls on the Safety Manager itself. As such, an attacker would have to either lay dormant until a legitimate reboot occurs or possibly attempt to force a reboot through a secondary vulnerability.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Honeywell Safety Manager Firmware
Honeywell Safety Manager
Honeywell Safety Manager: (CVE-2022-30315, CVE-2022-30313, and CVE-2022-30316) All versions
Honeywell Safety Manager: (CVE-2022-30314) Versions prior to R160.1

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

  • What is CVE-2022-30316?

    CVE-2022-30316 is a vulnerability found in Honeywell Experion PKS Safety Manager 5.02.

  • What is the severity of CVE-2022-30316?

    CVE-2022-30316 has a severity rating of medium (6.8).

  • What is the affected software of CVE-2022-30316?

    The affected software of CVE-2022-30316 is Honeywell Safety Manager Firmware.

  • What is the vulnerability description of CVE-2022-30316?

    CVE-2022-30316 is an insufficient verification of data authenticity vulnerability in Honeywell Experion PKS Safety Manager 5.02, specifically in the firmware update functionality.

  • How can I fix CVE-2022-30316?

    To fix CVE-2022-30316, it is recommended to follow the guidance provided by the vendor or apply the necessary security patches or updates.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203