CVE-2014-9189 Vulnerability Details

  /     /     /  

CVE-2014-9189 Metadata Quick Info

CVE Published: 25/03/2019 | CVE Updated: 06/08/2024 | CVE Year: 2014
Source: icscert | Vendor: Honeywell | Product: Experion PKS
Status : PUBLISHED

---

CVE-2014-9189 Description

Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-121
CWE Name: Stack-based buffer overflow CWE-121
Source: Honeywell

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).