CVE-2023-5392
First published: Thu Apr 11 2024(Updated: )
C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.
Credit: psirt@honeywell.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Honeywell C300 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-5392?
CVE-2023-5392 is classified as a high severity vulnerability due to the potential for sensitive information leakage.
How do I fix CVE-2023-5392?
To fix CVE-2023-5392, update to the most recent version of the Honeywell C300 product as recommended by Honeywell.
What type of vulnerability is CVE-2023-5392?
CVE-2023-5392 is an information leak vulnerability that allows excessive memory extraction over the network.
Which products are affected by CVE-2023-5392?
CVE-2023-5392 specifically affects the Honeywell C300 system.
Is there a workaround for CVE-2023-5392?
There is no specific workaround mentioned for CVE-2023-5392; it is recommended to upgrade to mitigate the risks.
- agent/references
- agent/weakness
- agent/first-publish-date
- agent/type
- agent/description
- collector/nvd-api
- source/NVD
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/honeywell
- canonical/honeywell c300 firmware