Honeywell Experion PKS Flaws Uncovered

Honeywell recently patched critical vulnerabilities. These flaws impacted their Experion PKS industrial control system. CISA, the US cybersecurity agency, revealed the issues last week. Their advisory highlighted six vulnerabilities. Some were critical, others high-severity.

Impact on Control Data Access

Most critical and high-severity flaws affect the Control Data Access (CDA) component. Therefore, they could lead to remote code execution. Two high-severity vulnerabilities enable denial-of-service attacks. A medium-severity flaw allows communication channel manipulation. This could cause incorrect system behavior.

Global Critical Infrastructure at Risk

CISA noted these products are used globally. They protect critical infrastructure sectors. This includes manufacturing, chemical, energy, water, and healthcare. Honeywell states they prioritize security. They assess and rectify issues promptly. Updates are now available for Experion PKS products. Users should update their systems immediately.

Positive Technologies' Discovery

Russian firm Positive Technologies reported these vulnerabilities. Dmitry Sklyar leads their ICS unit. He explained the flaws were in Experion PKS devices. These include network converters and I/O modules. The devices typically operate in isolated network segments. Thus, remote internet exploitation is unlikely.

Exploitation and Mitigation

The vulnerabilities are in network protocol handlers. They lack identification and authentication. Exploitation only requires access to the isolated segment. Attackers could execute arbitrary code. This could manipulate industrial processes. They could stop, reboot, or alter devices. Sklyar recommends implementing vulnerability management systems. This helps protect against such flaws.