Honeywell Experion PKS, LX and PlantCruise Uncontrolled Resource Consumption (CVE-2023-26597)

high Tenable OT Security Plugin ID 501612

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Honeywell recommends users upgrade Experion Platforms to version R520.2. Download information includes the following:

- Product: Experion PKS, LX, & PlantCruise
- Version: R520.2
- For instructions on this process:
- Go to the Honeywell Website and sign in.
- Select “Support” at the top of the web page.
- Select “Product Documents & Downloads.”
- In the given search box, search for: “Experion PKS R520.2”, “Experion LX R520.2” or “Experion PlantCruise R520.2” and select the hyperlink for the given Experion platform.

Honeywell advises users to follow security best practices for Experion platform environments to ensure access is limited to authorized users only. Users should ensure the backup files are maintained in a network location or physical drive with access limited to authorized users only and should not share them.

Honeywell Security Notifications are available on the Honeywell website. For access, users should visit the Honeywell website and sign in, select the search icon at the top of the web page, and search for “SN2023-06-22”.

See Also

https://process.honeywell.com

https://www.cisa.gov/news-events/ics-advisories/icsa-23-194-06

Plugin Details

Severity: High

ID: 501612

Version: 1.5

Type: remote

Family: Tenable.ot

Published: 9/5/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2023-26597

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:honeywell:c300_firmware:511, cpe:/o:honeywell:c300_firmware:501, cpe:/o:honeywell:c300_firmware:520, cpe:/o:honeywell:c300_firmware:510

Required KB Items: Tenable.ot/Honeywell

Exploit Ease: No known exploits are available

Patch Publication Date: 7/13/2023

Vulnerability Publication Date: 7/13/2023

Reference Information

CVE: CVE-2023-26597

CWE: 787

ICSA: 23-194-06