First published: Thu Jul 28 2022(Updated: )
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0054, there is a Honeywell Experion PKS Safety Manager unauthenticated firmware update issue. The affected components are characterized as: Firmware update functionality. The potential impact is: Firmware manipulation. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 communication FTA serial interface and Enea POLO bootloader for firmware management purposes. An engineering workstation running the Safety Builder software communicates via serial or serial-over-ethernet link with the DCOM-232/485 interface. Firmware images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. Firmware images are unsigned. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize hardcoded credentials (see FSCT-2022-0052) for the POLO bootloader to control the boot process and push malicious firmware images to the controller allowing for firmware manipulation, remote code execution and denial of service impacts. A mitigating factor is that in order for a firmware update to be initiated, the Safety Manager has to be rebooted which is typically done by means of physical controls on the Safety Manager itself. As such, an attacker would have to either lay dormant until a legitimate reboot occurs or possibly attempt to force a reboot through a secondary vulnerability.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Honeywell Safety Manager Firmware | ||
Honeywell Safety Manager | ||
Honeywell Safety Manager: (CVE-2022-30315, CVE-2022-30313, and CVE-2022-30316) All versions | ||
Honeywell Safety Manager: (CVE-2022-30314) Versions prior to R160.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-30316 is a vulnerability found in Honeywell Experion PKS Safety Manager 5.02.
CVE-2022-30316 has a severity rating of medium (6.8).
The affected software of CVE-2022-30316 is Honeywell Safety Manager Firmware.
CVE-2022-30316 is an insufficient verification of data authenticity vulnerability in Honeywell Experion PKS Safety Manager 5.02, specifically in the firmware update functionality.
To fix CVE-2022-30316, it is recommended to follow the guidance provided by the vendor or apply the necessary security patches or updates.