Vulnerability Description
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Honeywell | Experion Process Knowledge System | >= r400, < r400.6 |
Related Weaknesses (CWE)
References
- https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01MitigationThird Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01MitigationThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2014-9189?
CVE-2014-9189 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that coul...
How severe is CVE-2014-9189?
CVE-2014-9189 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2014-9189?
Check the references section above for vendor advisories and patch information. Affected products include: Honeywell Experion Process Knowledge System.