virus logo Intrusion Prevention

Honeywell.Tema.Installer.ActiveX.Arbitrary.File.Download

description-logoDescription

This indicates an attempt to exploit an Arbitrary File Download vulnerability in Honeywell Tema Remote Installer ActiveX Control.
The vulnerability is caused by Honeywell Tema Remote Installer ActiveX Control's failure to check the parameters that are passed to the "DownloadFromURL()" method. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and download arbitrary file.

affected-products-logoAffected Products

Honeywell TEMA 5.3.1
Honeywell TEMA 5.3.0
Honeywell TEMA 5.2
Honeywell TEMA 4.9
Honeywell TEMA 4.8
Honeywell TEMA 4.10
Honeywell EBI R410.2
Honeywell EBI R410.1
Honeywell EBI R400.2 SP1
Honeywell EBI R310.1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://ics-cert.us-cert.gov/advisories/ICSA-11-285-01
ID 34429
Created Jan 31, 2013
Updated Jul 17, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows
Affected App SCADA