Remote Code Execution and Denial-of-Service Vulnerability in Honeywell Experion PKS Controllers
CVE-2021-38395 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.
Learn more about our Web Application Penetration Testing UK.