CVE-2023-25770

Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message.See Honeywell Security Notification for recommendations on upgrading and versioning.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
HoneywellCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
honeywellc300
501.6hf8 ≤
𝑥
≤ 501.6hf8
honeywellc300
510.2hf12 ≤
𝑥
≤ 510.2hf12
honeywellc300
511.5tcu3 ≤
𝑥
≤ 511.5tcu3
honeywellc300
520.1tcu4 ≤
𝑥
≤ 520.1tcu4
honeywellc300
520.2tcu2 ≤
𝑥
≤ 520.2tcu2
honeywellc300_firmware
501.1 ≤
𝑥
≤ 501.6hf8
honeywellc300_firmware
510.1 ≤
𝑥
≤ 510.2hf12
honeywellc300_firmware
511.1 ≤
𝑥
≤ 511.5tcu3
honeywellc300_firmware
520.1 ≤
𝑥
≤ 520.1tcu4
honeywellc300_firmware
520.2 ≤
𝑥
≤ 520.2tcu2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://process.honeywell.com
https://process.honeywell.com