PT-2024-14792 · Honeywell · Honeywell C300

Published

2024-04-11

Updated

2024-04-12

CVE-2023-5392

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Honeywell C300 (affected versions not specified)

Description The issue is related to an analysis feature that allows extracting more memory over the network than required by the function, leading to an information leak.

Recommendations Update to the most recent version of the product, following the recommendations on upgrading and versioning provided in the Honeywell Security Notification.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1295

Related Identifiers

CVE-2023-5392

Affected Products

Honeywell C300

PT-2024-14792 · Honeywell · Honeywell C300

CVE-2023-5392

Weakness Enumeration

Related Identifiers

Affected Products

References · 3