CVE-2023-5392

EUVD-2023-57707
C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
honeywellc300
510.1 ≤
𝑥
≤ 510.2_hf13
ADP
honeywellc300
511.1 ≤
𝑥
≤ 511.5_tcu4_hf3
ADP
honeywellc300
520.1 ≤
𝑥
≤ 520.1_tcu4
ADP
honeywellc300
520.2 ≤
𝑥
≤ 520.2_tcu4
ADP
honeywellc300
520.2_tcu4_hfr2 ≤
𝑥
≤ 511.5_tcu4_hf3
ADP
Common Weakness Enumeration
References
https://process.honeywell.com
https://process.honeywell.com