PT-2025-29161 · Honeywell · Experion Pks +2

Positive Technologies · Published 2025-03-12 · Updated 2025-07-11 · CVE-2025-2523

CVSS v3.1: 9.7

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

**Name of the Vulnerable Software and Affected Versions:**

Honeywell Experion PKS versions 520.1 through 520.2 TCU9

Honeywell Experion PKS versions 530 through 530 TCU3

Honeywell OneWireless WDM versions 322.1 through 322.4

Honeywell OneWireless WDM versions 330.1 through 330.3

Honeywell OneWireless WDM version 331.1

Honeywell Experion PKS version 520.2 TCU9 HF1

Honeywell Experion PKS version 530.1 TCU3 HF1

Honeywell OneWireless version 322.5

**Description:**

Honeywell Experion PKS and OneWireless WDM contain an integer underflow vulnerability in the Control Data Access (CDA) component. An attacker could exploit this vulnerability to manipulate the communication channel, potentially causing a failure during subtraction and allowing remote code execution.

**Recommendations:**

Honeywell Experion PKS versions 520.1 through 520.2 TCU9: Update to version 520.2 TCU9 HF1.

Honeywell Experion PKS versions 530 through 530 TCU3: Update to version 530.1 TCU3 HF1.

Honeywell OneWireless WDM versions 322.1 through 322.4: Update to version 322.5.

Honeywell OneWireless WDM versions 330.1 through 330.3: Update to version 331.1.

Fix · RCE · Integer Underflow

**Related Identifiers:**

BDU:2025-06922

CVE-2025-2523

**Affected Products:**

Experion Pks

Onewireless

Onewireless Wdm