CVE-2025-2520

Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS versions 520.1 through 520.2 TCU9 Honeywell Experion PKS versions 530 through 530 TCU3

Description: The Honeywell Experion PKS contains an uninitialized variable in the common Epic Platform Analyzer (EPA) communications. An attacker could exploit this issue, leading to a communication channel manipulation, which results in a dereferencing of an uninitialized pointer, causing a denial of service.

Recommendations: Honeywell Experion PKS version 520.2 TCU9 HF1 Honeywell Experion PKS version 530.1 TCU3 HF1