Experion Server
CVE-2023-22435
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Experion server may experience a DoS due to a stack overflow when handling a specially crafted message.
AnalysisAI
Experion server may experience a DoS due to a stack overflow when handling a specially crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-697. Experion server may experience a DoS due to a stack overflow when handling a specially crafted message. Affected products include: Honeywell Experion Server, Honeywell Experion Station, Honeywell Engineering Station, Honeywell Direct Station.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Experion Server
View allServer information leak of configuration data when an error is generated in response to a specially crafted message. Rat
Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a sp
Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message.
Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific con
Same weakness CWE-697 – Incorrect Comparison
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today