CVE-2023-5389
First published: Tue Jan 30 2024(Updated: )
An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files that could result in subsequent execution of a malicious application if triggered. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.
Credit: psirt@honeywell.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Honeywell Controledge Unit Operations Controller Firmware | ||
| Honeywell Controledge Unit Operations Controller | ||
| All of | ||
| Honeywell Controledge Virtual Unit Operations Controller Firmware | ||
| Honeywell Controledge Virtual Unit Operations Controller |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- agent/weakness
- agent/references
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/description
- agent/last-modified-date
- agent/severity
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/epss-latest
- source/FIRST
- agent/tags
- agent/epss
- vendor/honeywell
- canonical/honeywell controledge unit operations controller firmware
- canonical/honeywell controledge unit operations controller
- canonical/honeywell controledge virtual unit operations controller firmware
- canonical/honeywell controledge virtual unit operations controller