CVE-2012-0254

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS) Enterprise Building Manager R400 and R410.1; and Honeywell Environmental Combustion and Controls (ECC) SymmetrE R410.1 allows remote attackers to execute arbitrary code via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
VendorProductVersion
honeywellenterprise_building_manager
r410.1
honeywellexperion
r400.0
honeywellsymmetre
r410.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.us-cert.gov/control_systems/pdf/ICSA-12-150-01.pdf
https://www.honeywellprocess.com/en-US/support/pages/all-notifications.aspx
http://www.us-cert.gov/control_systems/pdf/ICSA-12-150-01.pdf
https://www.honeywellprocess.com/en-US/support/pages/all-notifications.aspx