Experion Server
CVE-2023-24474
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message
AnalysisAI
Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-122. Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message Affected products include: Honeywell Experion Server, Honeywell Experion Station, Honeywell Engineering Station, Honeywell Direct Station.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Experion Server
View allServer information leak of configuration data when an error is generated in response to a specially crafted message. Rat
Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a sp
Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific con
Experion server may experience a DoS due to a stack overflow when handling a specially crafted message. Rated high sever
Same weakness CWE-122 – Heap-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today