CVE-2025-3947

Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS versions 520.1 through 520.2 TCU9 Honeywell Experion PKS versions 530 through 530 TCU3

Description: The Honeywell Experion PKS contains an integer underflow vulnerability in the Control Data Access (CDA) component. An attacker could exploit this vulnerability, leading to input data manipulation. This could result in improper integer data value checking during subtraction, potentially leading to a denial of service.

Recommendations: Honeywell Experion PKS versions 520.1 through 520.2 TCU9: Update to version 520.2 TCU9 HF1. Honeywell Experion PKS versions 530 through 530 TCU3: Update to version 530.1 TCU3 HF1.