PT-2022-3178 · Enea+1 · Enea Polo Bootloader+1

Daniel Dos Santos +1 · Published 2022-06-22 · Updated 2024-02-13 · CVE-2022-30314

CVSS v2.0: 7.8 High

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Honeywell Experion PKS Safety Manager version 5.02

Description

The issue is related to the use of hard-coded credentials in the Honeywell Experion PKS Safety Manager. The affected component is the POLO bootloader. An attacker with access to the serial interface can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image. The potential impact is the ability to manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes, and when booting, it exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware.

Recommendations

For Honeywell Experion PKS Safety Manager version 5.02, consider restricting access to the serial interface to minimize the risk of exploitation. As a temporary workaround, limit physical access to the device and ensure that any connected systems, such as EWS or serial-to-ethernet gateways, are secure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Using Hardcoded Credentials

Related Identifiers

BDU:2022-03858
CVE-2022-30314

Affected Products

Enea Polo Bootloader
Honeywell Experion PKS Safety Manager