Vulnerability Description
An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files that could result in subsequent execution of a malicious application if triggered. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Honeywell | Controledge Unit Operations Controller Firmware | - |
| Honeywell | Controledge Unit Operations Controller | - |
| Honeywell | Controledge Virtual Unit Operations Controller Firmware | - |
| Honeywell | Controledge Virtual Unit Operations Controller | - |
Related Weaknesses (CWE)
References
- https://process.honeywell.comProduct
- https://www.honeywell.com/us/en/product-securityNot Applicable
- https://process.honeywell.comProduct
- https://www.honeywell.com/us/en/product-securityNot Applicable
FAQ
What is CVE-2023-5389?
CVE-2023-5389 is a vulnerability with a CVSS score of 9.1 (CRITICAL). An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . This exploit could be used to write...
How severe is CVE-2023-5389?
CVE-2023-5389 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-5389?
Check the references section above for vendor advisories and patch information. Affected products include: Honeywell Controledge Unit Operations Controller Firmware, Honeywell Controledge Unit Operations Controller, Honeywell Controledge Virtual Unit Operations Controller Firmware, Honeywell Controledge Virtual Unit Operations Controller.