CVE-2023-5392

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Apr 11, 2024

Updated: Apr 12, 2024

CWE ID 1295

Summary

CVE-2023-5392 is a memory leak vulnerability affecting Honeywell's C300 series controller. The issue arises from an analysis feature that permits the extraction of excessive memory over the network, beyond what is required by the function. This vulnerability could potentially be exploited to gain unintended access to sensitive information. Honeywell strongly advises users to update to the latest product version as a mitigation measure. Refer to the Honeywell Security Notification for guidance on upgrading and version information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s5HIJZ
https://www.cve.org/CVERecord?id=CVE-2023-5392
https://nvd.nist.gov/vuln/detail/CVE-2023-5392

Back to Vulnerability Database

CVE-2023-5392

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations