Multiple Critical Flaws Discovered in Honeywell Experion PKS and ACE Controllers
Security News, October 2021
The U.S. Cybersecurity and Infrastructure Security Agency on Tuesday released an advisory regarding multiple security vulnerabilities affecting all versions of Honeywell Experion Process Knowledge System C200, C200E, C300, and ACE controllers that could be exploited to achieve remote code execution and denial-of-service conditions.
"A Control Component Library may be modified by a bad actor and loaded to a controller such that malicious code is executed by the controller," Honeywell noted in an independent security notification published earlier this February.
Experion Process Knowledge System is a distributed control system that's designed to control large industrial processes spanning a variety of sectors ranging from petrochemical refineries to nuclear power plants where high reliability and security are important.
According to Claroty, the issues hinge on the download code procedure that's essential to program the logic running in the controller; an attacker who mimics that process can upload arbitrary CCL binary files.
"The device then loads the executables without performing checks or sanitization, giving an attacker the ability to upload executables and run unauthorized native code remotely without authentication," researchers Henigman and Erez said.
To prevent a modified CCL containing malicious code from being loaded to a controller, Honeywell has incorporated additional security enhancements: each CCL binary is cryptographically signed, and the signature is validated prior to the binary's use.
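The difference between loading without checks and validating a signature before use, as an added example that is not Honeywell's or Claroty's code. Ed25519, the `Library` type, the function names and the sample bytes are assumptions, since the page does not describe the CCL format or the signature scheme.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Library is a hypothetical stand-in for a downloaded CCL: an opaque image
// plus a detached vendor signature (assumed layout, not the real format).
type Library struct {
	Image []byte
	Sig   []byte
}

var ErrBadSignature = errors.New("library signature missing or invalid")

// loadUnchecked models the flawed behaviour: whatever arrives is accepted.
func loadUnchecked(lib Library) error { return nil }

// loadVerified accepts the image only if its signature verifies under the
// vendor public key pinned on the device; anything else is refused.
func loadVerified(vendorKey ed25519.PublicKey, lib Library) error {
	if len(lib.Sig) != ed25519.SignatureSize ||
		!ed25519.Verify(vendorKey, lib.Image, lib.Sig) {
		return ErrBadSignature
	}
	return nil
}

// demo runs four constructed cases: genuine, modified after signing,
// unsigned, and signed with a key the device does not trust.
func demo() (genuine, modified, unsigned, wrongKey error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	image := []byte("constructed sample library image")
	good := Library{Image: image, Sig: ed25519.Sign(priv, image)}
	changed := append([]byte{}, image...)
	changed[0] ^= 0xff // a single flipped byte invalidates the signature
	mod := Library{Image: changed, Sig: good.Sig}
	other := Library{Image: image, Sig: ed25519.Sign(otherPriv, image)}
	return loadVerified(pub, good), loadVerified(pub, mod),
		loadVerified(pub, Library{Image: image}), loadVerified(pub, other)
}

func main() {
	g, m, u, w := demo()
	fmt.Println(g, m, u, w)
}
```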