CVE-2022-30313

Name of the Vulnerable Software and Affected Versions Honeywell Experion PKS Safety Manager versions prior to 2022-05-06

Description The issue is related to the lack of authentication in the proprietary protocols used by the Honeywell Experion PKS Distributed Control System (DCS) Safety Manager, including Experion TCP (51000/TCP) and Safety Builder (51010/TCP). This allows an attacker to invoke desired functionality without authentication, potentially leading to adverse impacts such as manipulating controller state, configuration, logic, files, and IO. An attacker could issue IO manipulation commands, file read/write commands, controller start/stop commands, logic download/upload commands, file read commands, and system time change commands. A mitigating factor is that some of these functionalities require the Safety Manager physical keyswitch to be in the right position.

Recommendations For Honeywell Experion PKS Safety Manager versions prior to 2022-05-06, consider disabling the Experion TCP and Safety Builder protocols until a patch is available. Restrict access to the affected ports (51000/TCP and 51010/TCP) to minimize the risk of exploitation. As a temporary workaround, ensure the Safety Manager physical keyswitch is not in the position that allows invocation of critical functionalities.