CVE-2022-30314

low-risk

Published 2022-07-28

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054).

Do I need to act?

0.07% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.6/10 Medium

PHYSICAL / LOW complexity

Affected Products (1)

Safety Manager Firmware

Affected Vendors

Honeywell

References (4)

Mitigation https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-02

Third Party Advisory https://www.forescout.com/blog/

Mitigation https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-02

Third Party Advisory https://www.forescout.com/blog/

/ 100

low-risk

Severity 16/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal