Detections
Analytics

Honeywell Experion PKS, LX and PlantCruise Insufficient Verification of Data Authenticity (CVE-2023-25178)

critical Tenable OT Security Plugin ID 501611

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Controller may be loaded with malicious firmware which could enable remote code execution

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Honeywell recommends users upgrade Experion Platforms to version R520.2. Download information includes the following:

- Product: Experion PKS, LX, & PlantCruise
- Version: R520.2
- For instructions on this process:
- Go to the Honeywell Website and sign in.
 - Select “Support” at the top of the web page.
 - Select “Product Documents & Downloads.”
 - In the given search box, search for: “Experion PKS R520.2”, “Experion LX R520.2” or “Experion PlantCruise R520.2” and select the hyperlink for the given Experion platform.

Honeywell advises users to follow security best practices for Experion platform environments to ensure access is limited to authorized users only. Users should ensure the backup files are maintained in a network location or physical drive with access limited to authorized users only and should not share them.

Honeywell Security Notifications are available on the Honeywell website. For access, users should visit the Honeywell website and sign in, select the search icon at the top of the web page, and search for “SN2023-06-22”.

See Also

https://process.honeywell.com

https://www.cisa.gov/news-events/ics-advisories/icsa-23-194-06

Plugin Details

Severity: Critical

ID: 501611

Version: 1.5

Type: remote

Family: Tenable.ot

Published: 9/5/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-25178

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:honeywell:c300_firmware:511, cpe:/o:honeywell:c300_firmware:501, cpe:/o:honeywell:c300_firmware:520, cpe:/o:honeywell:c300_firmware:510

Required KB Items: Tenable.ot/Honeywell

Exploit Ease: No known exploits are available

Patch Publication Date: 7/13/2023

Vulnerability Publication Date: 7/13/2023

Reference Information

CVE: CVE-2023-25178

CWE: 345

ICSA: 23-194-06