CVE-2022-30314: Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager ...

Description

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054).

Metrics

CVSS 3.1

4.6/10

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS Probability

0.26%

16.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-798

Affected Software

Vendor	Product	Versions
Honeywell	Safety Manager Firmware	< r160.1

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-02Mitigation, Third Party Advisory, US Government Resource
https://www.forescout.com/blog/Third Party Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-02Mitigation, Third Party Advisory, US Government Resource
https://www.forescout.com/blog/Third Party Advisory

Timeline

Published: Jul 28, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-30314?

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054).

How severe is CVE-2022-30314?

CVE-2022-30314 has a CVSS score of 4.6/10 (MEDIUM severity). The EPSS model estimates a 0.26% probability of exploitation in the next 30 days.

How do I fix CVE-2022-30314?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.