Critical Vulnerability in Honeywell Virtual Controller Allows Remote Code Execution

May 22, 2024 at 07:42AM

Claroty disclosed vulnerabilities that its researchers found in Honeywell’s ControlEdge Unit Operations Controller. The vulnerabilities in the ControlEdge Virtual UOC industrial automation controller include a critical-severity issue allowing arbitrary code execution without authentication, and a medium-severity absolute path traversal issue. Honeywell promptly issued patches and advisories regarding the flaws. Additionally, CISA released an advisory covering 16 vulnerabilities affecting several Honeywell products.

Key takeaways:
– Claroty researchers discovered vulnerabilities in Honeywell’s ControlEdge Unit Operations Controller and the ControlEdge Virtual UOC industrial automation controller, related to the proprietary EpicMo protocol.
– The vulnerabilities include CVE-2023-5389, a critical-severity flaw allowing unauthorized file writing, and CVE-2023-5390, a medium-severity absolute path traversal issue enabling unauthorized file reads.
– These vulnerabilities could potentially lead to execution of arbitrary code and disclosure of limited information from the device.
– Claroty reported its findings to Honeywell, which released patches and published an advisory for its customers.
– The US cybersecurity agency CISA also published an advisory covering 16 vulnerabilities affecting various Honeywell products, discovered by cybersecurity firm Armis.
– The exploitation of these flaws could lead to the disclosure of sensitive information, privilege escalation, or remote code execution.
