PT-2021-4327 · Honeywell · Honeywell Experion Pks

Nadav Erez +1 · Published 2021-10-06 · Updated 2022-11-02 · CVE-2021-38397

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Honeywell Experion PKS versions C200, C200E, C300, and ACE

Description

The issue is related to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition. This could potentially enable an attacker to disrupt the system's operation.

Recommendations

For Honeywell Experion PKS versions C200, C200E, C300, and ACE, consider restricting file uploads to prevent remote execution of arbitrary code until a patch is available. As a temporary workaround, restrict access to file upload functionality to minimize the risk of exploitation.

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

BDU:2021-04951
CVE-2021-38397

Affected Products

Honeywell Experion Pks