Vulnerabilities > CVE-2023-25770 - Deserialization of Untrusted Data vulnerability in Honeywell C300 Firmware

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

honeywell

CWE-502

NVD

Published: 2023-07-13

Updated: 2024-04-22

Summary

Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning.

Vulnerable Configurations

Part	Description	Count
OS	Honeywell Honeywell C300 Firmware *	1
Hardware	Honeywell Honeywell C300 -	1

Common Weakness Enumeration (CWE)

CWE-502 - Deserialization of Untrusted Data

References

https://process.honeywell.com