Your review has been sent successfully

Honeywell Alert

2685
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

27 July, 2022

● High

2022-5068

All

Description:

Honeywell has released a security alert to address several vulnerabilities in the following products:

  • Saia Burgess PG5 PCD: All versions
  • Safety Manager: (CVE-2022-30315, CVE-2022-30313, and CVE-2022-30316) All versions
  • Safety Manager: (CVE-2022-30314) Versions prior to R160.1

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Denial of service attack (DoS)
  • Execute arbitrary code -remotely

Best practice and Recommendations:

The CERT team recommends the following:

  • For CVE-2022-30315 and CVE2022-30313:
    • Safety Manager and FSC use a key switch control to prevent users from downloading unauthorized safety logic. When the key switch is in the locked state, users cannot download any logic whatsoever. 
    • Safety builder should reside on a station with restrictive access controls. Network controls should be in place to limit the nodes permitted to communicate the builder protocol to the safety manager.
    • Users are advised to follow the Safety Manager release documentation.
  • For CVE-2022-30314:
    • Safety Manager R160.1 and later releases include a remediation for this item. R160.1 was introduced in October 2014. Users are advised to operate on the latest release and point release.
    • Customers should isolate process control networks following our security best practices.
    • Users are advised to follow the Safety Manager Release documentation; see the section “Security Recommendations and Best Practices”.
  • For CVE-2022-30316:
    • The Safety Manager key switch prevents unauthorized firmware from being installed. Users are advised to monitor the key switch position.
    • Users are advised to follow the Safety Manager Release documentation; see the section “Security Recommendations and Best Practices”.
  • Apply product updates as available.
  • Follow guidance in the product security manual to ensure isolation of network segments upon which automation controllers reside.
  • Ensure adequate security controls are in place between OT and IT network segments.
  • Disable unnecessary accounts and services.
  • Follow a least privilege approach and restrict system access to authorized personnel.
  • Apply defense-in-depth strategies.
  • Log and monitor network traffic for suspicious activity.

Last updated at 27 July, 2022

Rate the content

rate-icon
up icon