SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-582867898] Honeywell Uniformance PHD Denial Of Service

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2016-04-12OTHERHoneywell Uniformance PHDHoneywellN/A2016-2280N/AN/AN/A

Source

						
							
								
#
# Honeywell Uniformance PHD Denial Of Service
#


### OVERVIEW

This advisory was originally posted to the US-CERT secure Portal library on March 10, 2016, and is being released to the NCCIC/ICS-CERT web site.

Honeywell reports that they have identified a denial-of-service vulnerability in the Uniformance Process History Database (PHD). Honeywell has produced a patch to mitigate this vulnerability.

This vulnerability could be exploited remotely.



### AFFECTED PRODUCTS

Honeywell reports that the vulnerability affects the following versions:

Uniformance PHD R310,
Uniformance PHD R320, and
Uniformance PHD R321





### IMPACT

A denial-of-service attack can cause the process to become unresponsive.

Impact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.





### BACKGROUND

Honeywell is a US-based company that maintains offices worldwide. The affected products, Uniformance PHD, are used together with DCS to provide a historian for engineering and business analytics. According to Honeywell, Uniformance PHD products are deployed across several sectors including Chemical, Critical Manufacturing, Energy, and Water and Wastewater Systems. Honeywell estimates that these products are used worldwide.




### VULNERABILITY CHARACTERIZATION


# VULNERABILITY OVERVIEW

STACK-BASED BUFFER OVERFLOW

A buffer overflow exploit used against the RDISERVER can cause the process to become unresponsive.
CVE-2016-2280 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).





### VULNERABILITY DETAILS


# EXPLOITABILITY

This vulnerability could be exploited remotely.


# EXISTENCE OF EXPLOIT

No known public exploits specifically target this vulnerability.


# DIFFICULTY

An attacker with a low skill would be able to exploit this vulnerability.





### MITIGATION

Honeywell has provided patches for the software impacted. For more information about this vulnerability and how to apply the patches, please see Honeywell's Security Notification SN 2016-01-27 under the support tab at the following web page:

https://www.honeywellprocess.com