var-201904-0511
Vulnerability from variot
An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. Honeywell Experion PKS Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Honeywell EPKS is used in the automation and control of industrial and production processes and is a distributed control system solution, including a web-based SCADA system. Or initiate a denial of service attack. Failed exploit attempts will result in a denial-of-service condition. The following versions are affected: Honeywell Experion R40x versions prior to Experion PKS R400.6 Honeywell Experion R41x versions prior to Experion PKS R410.6 Honeywell Experion R43x versions prior to Experion PKS R430.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0511",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "experion process knowledge system",
"scope": "gte",
"trust": 1.0,
"vendor": "honeywell",
"version": "r400"
},
{
"model": "experion process knowledge system",
"scope": "gte",
"trust": 1.0,
"vendor": "honeywell",
"version": "r430"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 1.0,
"vendor": "honeywell",
"version": "r400.6"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 1.0,
"vendor": "honeywell",
"version": "r410.6"
},
{
"model": "experion process knowledge system",
"scope": "gte",
"trust": 1.0,
"vendor": "honeywell",
"version": "r410"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 1.0,
"vendor": "honeywell",
"version": "r430.2"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 0.8,
"vendor": "honeywell",
"version": "r43x"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 0.8,
"vendor": "honeywell",
"version": "r41x"
},
{
"model": "experion process knowledge system",
"scope": "eq",
"trust": 0.8,
"vendor": "honeywell",
"version": "r430.2"
},
{
"model": "experion process knowledge system",
"scope": "eq",
"trust": 0.8,
"vendor": "honeywell",
"version": "r410.6"
},
{
"model": "experion process knowledge system",
"scope": "eq",
"trust": 0.8,
"vendor": "honeywell",
"version": "r400.6"
},
{
"model": "experion process knowledge system",
"scope": "lt",
"trust": 0.8,
"vendor": "honeywell",
"version": "r40x"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "experion process knowledge system",
"version": "*"
},
{
"model": "experion pks r40x",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r41x",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r43x",
"scope": null,
"trust": 0.6,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r430.1",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r430",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r410.5",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r410",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r400.5",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r400",
"scope": null,
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r430.2",
"scope": "ne",
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r410.6",
"scope": "ne",
"trust": 0.3,
"vendor": "honeywell",
"version": null
},
{
"model": "experion pks r400.6",
"scope": "ne",
"trust": 0.3,
"vendor": "honeywell",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"db": "BID",
"id": "71747"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"db": "NVD",
"id": "CVE-2014-5435"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r430.2",
"versionStartIncluding": "r430",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r400.6",
"versionStartIncluding": "r400",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:honeywell:experion_process_knowledge_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r410.6",
"versionStartIncluding": "r410",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5435"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kirill Nesterov,Alexander Tlyapov, Gleb Gritsai, Artem Chaykin and Ilya Karpov of the Positive Technologies Research Team and Security Lab",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
],
"trust": 0.6
},
"cve": "CVE-2014-5435",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-5435",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-09114",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "dd07173e-2351-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2014-5435",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-5435",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2014-09114",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-512",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2014-5435",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"db": "VULMON",
"id": "CVE-2014-5435"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"db": "NVD",
"id": "CVE-2014-5435"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. Honeywell Experion PKS Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Honeywell EPKS is used in the automation and control of industrial and production processes and is a distributed control system solution, including a web-based SCADA system. Or initiate a denial of service attack. Failed exploit attempts will result in a denial-of-service condition. \nThe following versions are affected:\nHoneywell Experion R40x versions prior to Experion PKS R400.6\nHoneywell Experion R41x versions prior to Experion PKS R410.6\nHoneywell Experion R43x versions prior to Experion PKS R430.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5435"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"db": "BID",
"id": "71747"
},
{
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2014-5435"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-5435",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-14-352-01",
"trust": 2.8
},
{
"db": "BID",
"id": "71747",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2014-09114",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-512",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008660",
"trust": 0.8
},
{
"db": "IVD",
"id": "DD07173E-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2014-5435",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"db": "VULMON",
"id": "CVE-2014-5435"
},
{
"db": "BID",
"id": "71747"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"db": "NVD",
"id": "CVE-2014-5435"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
]
},
"id": "VAR-201904-0511",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09114"
}
],
"trust": 1.6958333250000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09114"
}
]
},
"last_update_date": "2023-12-18T12:43:36.517000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Experion PKS",
"trust": 0.8,
"url": "https://www.honeywellprocess.com/en-us/explore/products/control-monitoring-and-safety-systems/integrated-control-and-safety-systems/experion-pks/pages/default.aspx"
},
{
"title": "Honeywell Experion PKS \u0027dual_onsrv.exe\u0027 patch for module remote code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/53119"
},
{
"title": "Honeywell International Experion PKS Fixes for code injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91624"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"db": "NVD",
"id": "CVE-2014-5435"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-352-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5435"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5435"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/71747"
},
{
"trust": 0.3,
"url": "https://www.honeywellprocess.com/en-us/training/programs/control-monitoring-and-safety-systems/pages/experion-pks.aspx"
},
{
"trust": 0.3,
"url": "http://s1018729.instanturl.net/wp-content/uploads/2013/01/overview_epdoc-xx81-en-410.pdf"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"db": "VULMON",
"id": "CVE-2014-5435"
},
{
"db": "BID",
"id": "71747"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"db": "NVD",
"id": "CVE-2014-5435"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"db": "VULMON",
"id": "CVE-2014-5435"
},
{
"db": "BID",
"id": "71747"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"db": "NVD",
"id": "CVE-2014-5435"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-25T00:00:00",
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-12-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"date": "2019-04-08T00:00:00",
"db": "VULMON",
"id": "CVE-2014-5435"
},
{
"date": "2014-12-18T00:00:00",
"db": "BID",
"id": "71747"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"date": "2019-04-08T16:29:00.307000",
"db": "NVD",
"id": "CVE-2014-5435"
},
{
"date": "2014-12-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2014-5435"
},
{
"date": "2014-12-18T00:00:00",
"db": "BID",
"id": "71747"
},
{
"date": "2019-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008660"
},
{
"date": "2019-10-09T23:11:11.200000",
"db": "NVD",
"id": "CVE-2014-5435"
},
{
"date": "2019-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Honeywell Experion PKS \u0027dual_onsrv.exe\u0027 Module Remote Code Execution Vulnerability",
"sources": [
{
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-09114"
},
{
"db": "BID",
"id": "71747"
}
],
"trust": 1.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "dd07173e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-512"
}
],
"trust": 0.8
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.