Honeywell Experion PKS
Moderate fix2 remedies
cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*
Moderate fix2 remedies
- >= 520.1, <= 520.2 TCU9
- >= 530, <= 530 TCU3
Honeywell Experion PKS and OneWireless WDM Control Data Access Component Memory Buffer Vulnerability Allowing Remote Code Execution
Vulnerability
Patched
A memory buffer vulnerability has been identified in the Control Data Access (CDA) component of Honeywell Experion PKS and OneWireless WDM. This vulnerability could be exploited by an attacker, leading to buffer overread conditions. Such exploitation may cause improper index validation against buffer boundaries, potentially allowing remote code execution. The affected versions of Experion PKS are 520.1 prior to 520.2 TCU9 and 530 prior to 530 TCU3. For OneWireless WDM, the vulnerable versions are 322.1 through 322.4 and 330.1 through 330.3. The impacted Experion PKS products include C300 PCNT02, C300 PCNT05, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E.
Impact
Exploitation of this vulnerability could lead to remote code execution on the affected system.
Remediation
Users are advised to update to the latest versions of Honeywell Experion PKS: 520.2 TCU9 HF1 and 530.1 TCU3 HF1, and OneWireless: 322.5 and 331.1.
Added: Jul 10, 2025, 9:40 PM
Updated: Jul 10, 2025, 9:40 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
10.0exploitability
7.0remediation
7.7relevance
0.2threat
0.0urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.