Multiple vulnerabilities in Honeywell Safety Manager
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2022-30315 CVE-2022-30313 CVE-2022-30316 |
| CWE-ID | CWE-345 CWE-306 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Safety Manager Hardware solutions / Other hardware appliances |
| Vendor | Honeywell International, Inc |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Insufficient verification of data authenticity
EUVDB-ID: #VU65807
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2022-30315
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the Safety Builder protocol does not validate or authenticate the download logic. A remote attacker can execute arbitrary code on the CPU module.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSafety Manager: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-207-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Missing Authentication for Critical Function
EUVDB-ID: #VU65808
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2022-30313
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass authentication process.
The vulnerability exists due to missing authentication for critical function in the Safety Builder protocol. A local attacker can cause configuration and system changes.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSafety Manager: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-207-02
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Insufficient verification of data authenticity
EUVDB-ID: #VU65810
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2022-30316
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the affected product firmware images are not signed and only rely on insecure checksums for regular integrity checks. A local attacker can boot process or push malicious firmware.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSafety Manager: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-207-02
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
