8.1
CVE-2023-5395
- EPSS 1.21%
- Published 17.04.2024 17:15:12
- Last modified 21.11.2024 08:41:41
- Source psirt@honeywell.com
- Teams watchlist Login
- Open Login
Server receiving a malformed message that uses the hostname in an internal table may cause a stack overflow resulting in possible remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Vendorhoneywell
≫
Product
experion_server
Default Statusunknown
Version <=
520.2_tcu4
Version
520.2
Status
affected
Vendorhoneywell
≫
Product
experion_server
Default Statusunknown
Version <=
510.2_hf13
Version
510.1
Status
affected
Vendorhoneywell
≫
Product
experion_server
Default Statusunknown
Version <=
520.1_tcu4
Version
520.1
Status
affected
Vendorhoneywell
≫
Product
experion_server
Default Statusunknown
Version <=
511.5_tcu4_hf3
Version
511.1
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.21% | 0.782 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| psirt@honeywell.com | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).