PT-2022-3080 · Honeywell · Honeywell Experion PKS Safety Manager

Daniel Dos Santos +1 · Published 2022-06-22 · Updated 2022-08-05 · CVE-2022-30316

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Honeywell Experion PKS Safety Manager version 5.02

Description

The issue is insufficient verification of data authenticity in the firmware update functionality, which allows potential firmware manipulation. An attacker with access to the serial interface can use the hardcoded credentials for the POLO bootloader to control the boot process and push malicious firmware images, resulting in firmware manipulation, remote code execution, and denial of service. Access to the serial interface can be obtained through physical access, a compromised engineering workstation, or an exposed serial-to-ethernet gateway. A mitigating factor is that a reboot of the Safety Manager is required to initiate a firmware update, which is typically done through physical controls on the device.

Recommendations

For Honeywell Experion PKS Safety Manager version 5.02, consider disabling the firmware update functionality until a patch is available. Restrict access to the serial interface and the POLO bootloader to minimize the risk of exploitation. Avoid using hardcoded credentials for the POLO bootloader. As a temporary workaround, consider implementing additional security measures to prevent unauthorized access to the serial interface and the engineering workstation. There is currently no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Insufficient Verification of Data Authenticity

Related Identifiers

BDU:2022-03750
CVE-2022-30316

Affected Products

Honeywell Experion PKS Safety Manager