Original release date: October 5, 2021
CISA has released an Industrial Controls Systems (ICS) advisory detailing multiple vulnerabilities affecting all versions of Honeywell Experion Process Knowledge System C200, C200E, C300, and ACE controllers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review ICS advisory ICSA-21-278-04 Honeywell Experion and ACE Controllers as well as Experion Network and Security Planning Guide and Honeywell Support document SN2021-02-22-01 for more information and apply the necessary mitigations.
This product is provided subject to this Notification and this Privacy & Use policy.