Honeywell patched multiple critical and high-severity vulnerabilities in its Experion PKS industrial control system that could allow remote code execution and DoS attacks. The flaws affect devices used in critical infrastructure sectors worldwide, which underlines the importance of timely updates and vulnerability management.
Key points
- Honeywell issued security updates for its Experion PKS industrial process control system.
- Six vulnerabilities, including critical and high-severity flaws, were identified in affected versions prior to R520.2 TCU9 Hot Fix 1 and R530 TCU3 Hot Fix 1.
- The flaws mainly impact the Control Data Access component, allowing remote code execution and DoS attacks.
- Affected devices are used worldwide in sectors such as chemical, energy, water, and healthcare.
- Researchers highlight that exploitation requires access to isolated network segments, which reduces the likelihood of remote attacks from the internet.