CVE-2023-5389

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-749
View all →

Vulnerability Description

An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files that could result in subsequent execution of a malicious application if triggered. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.

Related Vulnerabilities

CVE-2006-1547

HIGH
CVSS:7.5(High)

ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name ...

CWE-7492006

CVE-2010-1428

HIGH
CVSS:7.5(High)

The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for ...

CWE-7492010

CVE-2021-33639

HIGH
CVSS:7.5(High)

REMAP cmd of SVM driver can be used to remap read only memory as read-write, then cause read only memory/file modified.

CWE-7492021

CVE-2021-35243

HIGH
CVSS:7.5(High)

The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload dat...

CWE-7492021

CVE-2023-34227

HIGH
CVSS:7.5(High)

In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks

CWE-7492023

CVE-2023-3655

HIGH
CVSS:7.5(High)

cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system setti...

CWE-7492023