Honeywell Experion PKS
Moderate fix2 remedies
cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*
Moderate fix2 remedies
- >= 520.1, <= 520.2 TCU9
- >= 530, <= 530 TCU3
Honeywell Experion PKS and OneWireless WDM Control Data Access Component Wrong Handler Vulnerability Allowing Remote Code Execution
Vulnerability
Patched
A vulnerability has been identified in the Honeywell Experion PKS and OneWireless WDM products, specifically within the Control Data Access (CDA) component. This vulnerability arises from a wrong handler deployment, which an attacker could exploit to manipulate input data. Such manipulation may lead to incorrect packet handling, potentially allowing remote code execution. The affected Experion PKS versions range from 520.1 to 520.2 TCU9, and from 530 to 530 TCU3. In OneWireless WDM, versions 322.1 to 322.4 and 330.1 to 330.3 are affected. The vulnerable Experion PKS products include C300 PCNT02, C300 PCNT05, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E.
Impact
Exploitation of this vulnerability could result in remote code execution on the affected system.
Remediation
Users are advised to update to the latest versions of Honeywell Experion PKS (520.2 TCU9 HF1 and 530.1 TCU3 HF1) and OneWireless (322.5 and 331.1).
Added: Jul 10, 2025, 9:34 PM
Updated: Jul 10, 2025, 9:34 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
10.0exploitability
7.0remediation
7.7relevance
0.2threat
0.0urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.