CVE-2014-9187 Vulnerability Details

  /     /     /  

CVE-2014-9187 Metadata Quick Info

CVE Published: 25/03/2019 | CVE Updated: 06/08/2024 | CVE Year: 2014
Source: icscert | Vendor: Honeywell | Product: Experion PKS
Status : PUBLISHED

---

CVE-2014-9187 Description

Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-122
CWE Name: Heap-based buffer overflow CWE-122
Source: Honeywell

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).