Sign-up

ID

VAR-201904-0512


CVE

CVE-2014-5436


TITLE

Honeywell Experion PKS 'confd.exe' Module directory traversal vulnerability

Trust: 1.1

sources: IVD: dd03d0d8-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-09112 // BID: 71752

DESCRIPTION

A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. Honeywell Experion PKS Contains a path traversal vulnerability.Information may be obtained. Honeywell EPKS is used in the automation and control of industrial and production processes and is a distributed control system solution, including a web-based SCADA system. A remote attacker can use a specially crafted request ('../') with a directory traversal sequence to retrieve arbitrary files from the application for sensitive information. Information obtained could aid in further attacks. The following versions are affected: Honeywell Experion R40x versions prior to Experion PKS R400.6 Honeywell Experion R41x versions prior to Experion PKS R410.6 Honeywell Experion R43x versions prior to Experion PKS R430.2

Trust: 2.61

sources: NVD: CVE-2014-5436 // JVNDB: JVNDB-2014-008659 // CNVD: CNVD-2014-09112 // BID: 71752 // IVD: dd03d0d8-2351-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: dd03d0d8-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-09112

AFFECTED PRODUCTS

vendor:honeywellmodel:experion process knowledge systemscope:ltversion:r410.6

Trust: 1.0

vendor:honeywellmodel:experion process knowledge systemscope:gteversion:r400

Trust: 1.0

vendor:honeywellmodel:experion process knowledge systemscope:ltversion:r430.2

Trust: 1.0

vendor:honeywellmodel:experion process knowledge systemscope:gteversion:r410

Trust: 1.0

vendor:honeywellmodel:experion process knowledge systemscope:ltversion:r400.6

Trust: 1.0

vendor:honeywellmodel:experion process knowledge systemscope:gteversion:r430

Trust: 1.0

vendor:honeywellmodel:experion process knowledge systemscope:ltversion:r43x

Trust: 0.8

vendor:honeywellmodel:experion process knowledge systemscope:ltversion:r41x

Trust: 0.8

vendor:honeywellmodel:experion process knowledge systemscope:eqversion:r430.2

Trust: 0.8

vendor:honeywellmodel:experion process knowledge systemscope:eqversion:r410.6

Trust: 0.8

vendor:honeywellmodel:experion process knowledge systemscope:eqversion:r400.6

Trust: 0.8

vendor:honeywellmodel:experion process knowledge systemscope:ltversion:r40x

Trust: 0.8

vendor:experion process knowledge systemmodel: - scope:eqversion:*

Trust: 0.6

vendor:honeywellmodel:experion pks r40xscope: - version: -

Trust: 0.6

vendor:honeywellmodel:experion pks r41xscope: - version: -

Trust: 0.6

vendor:honeywellmodel:experion pks r43xscope: - version: -

Trust: 0.6

vendor:honeywellmodel:experion pks r430.1scope: - version: -

Trust: 0.3

vendor:honeywellmodel:experion pks r430scope: - version: -

Trust: 0.3

vendor:honeywellmodel:experion pks r410.5scope: - version: -

Trust: 0.3

vendor:honeywellmodel:experion pks r410scope: - version: -

Trust: 0.3

vendor:honeywellmodel:experion pks r400.5scope: - version: -

Trust: 0.3

vendor:honeywellmodel:experion pks r400scope: - version: -

Trust: 0.3

vendor:honeywellmodel:experion pks r311.2scope: - version: -

Trust: 0.3

vendor:honeywellmodel:experion pks r430.2scope:neversion: -

Trust: 0.3

vendor:honeywellmodel:experion pks r410.6scope:neversion: -

Trust: 0.3

vendor:honeywellmodel:experion pks r400.6scope:neversion: -

Trust: 0.3

sources: IVD: dd03d0d8-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-09112 // BID: 71752 // JVNDB: JVNDB-2014-008659 // NVD: CVE-2014-5436

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-5436
value: HIGH

Trust: 1.0

NVD: CVE-2014-5436
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-09112
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201412-510
value: HIGH

Trust: 0.6

IVD: dd03d0d8-2351-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2014-5436
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-09112
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: dd03d0d8-2351-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2014-5436
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: IVD: dd03d0d8-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-09112 // JVNDB: JVNDB-2014-008659 // CNNVD: CNNVD-201412-510 // NVD: CVE-2014-5436

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2014-008659 // NVD: CVE-2014-5436

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201412-510

TYPE

Path traversal

Trust: 0.8

sources: IVD: dd03d0d8-2351-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201412-510

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-008659

PATCH
title:Experion PKSurl:https://www.honeywellprocess.com/en-US/explore/products/control-monitoring-and-safety-systems/integrated-control-and-safety-systems/experion-pks/Pages/default.aspx
Trust: 0.8
title:Honeywell Experion PKS 'confd.exe' module directory traversal vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/53117
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-09112 // 
            
            
            
            JVNDB: JVNDB-2014-008659

EXTERNAL IDS
db:NVDid:CVE-2014-5436
Trust: 3.5
db:ICS CERTid:ICSA-14-352-01
Trust: 2.7
db:BIDid:71752
Trust: 0.9
db:CNVDid:CNVD-2014-09112
Trust: 0.8
db:CNNVDid:CNNVD-201412-510
Trust: 0.8
db:JVNDBid:JVNDB-2014-008659
Trust: 0.8
db:IVDid:DD03D0D8-2351-11E6-ABEF-000C29C66E3D
Trust: 0.2
sources:
            
            
            IVD: dd03d0d8-2351-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2014-09112 // 
            
            
            
            BID: 71752 // 
            
            
            
            JVNDB: JVNDB-2014-008659 // 
            
            
            
            CNNVD: CNNVD-201412-510 // 
            
            
            
            NVD: CVE-2014-5436

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-14-352-01
Trust: 2.7
url:https://nvd.nist.gov/vuln/detail/cve-2014-5436
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5436
Trust: 0.8
url:http://www.securityfocus.com/bid/71752
Trust: 0.6
url:https://www.honeywellprocess.com/en-us/training/programs/control-monitoring-and-safety-systems/pages/experion-pks.aspx
Trust: 0.3
url:http://s1018729.instanturl.net/wp-content/uploads/2013/01/overview_epdoc-xx81-en-410.pdf
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2014-09112 // 
            
            
            
            BID: 71752 // 
            
            
            
            JVNDB: JVNDB-2014-008659 // 
            
            
            
            CNNVD: CNNVD-201412-510 // 
            
            
            
            NVD: CVE-2014-5436

CREDITS
Kirill Nesterov,Alexander Tlyapov, Gleb Gritsai, Artem Chaykin and Ilya Karpov of the Positive Technologies Research Team and Security Lab
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201412-510

SOURCES
db:IVDid:dd03d0d8-2351-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2014-09112
db:BIDid:71752
db:JVNDBid:JVNDB-2014-008659
db:CNNVDid:CNNVD-201412-510
db:NVDid:CVE-2014-5436

LAST UPDATE DATE
2024-08-14T13:55:35.494000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-09112date:2014-12-25T00:00:00
db:BIDid:71752date:2014-12-18T00:00:00
db:JVNDBid:JVNDB-2014-008659date:2019-05-13T00:00:00
db:CNNVDid:CNNVD-201412-510date:2019-04-16T00:00:00
db:NVDid:CVE-2014-5436date:2019-10-09T23:11:11.700

SOURCES RELEASE DATE
db:IVDid:dd03d0d8-2351-11e6-abef-000c29c66e3ddate:2014-12-25T00:00:00
db:CNVDid:CNVD-2014-09112date:2014-12-25T00:00:00
db:BIDid:71752date:2014-12-18T00:00:00
db:JVNDBid:JVNDB-2014-008659date:2019-05-13T00:00:00
db:CNNVDid:CNNVD-201412-510date:2014-12-25T00:00:00
db:NVDid:CVE-2014-5436date:2019-04-08T16:29:00.417