CVE-2021-38395
CWE-74 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS IN OUTPUT USED BY A DOWNSTREAM COMPONENT:
The affected product is vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.
Read more: “Target DCS: Finding, Fixing Critical Bugs In Honeywell Experion PKS”
Risk Information
- CVE ID
- CVE-2021-38395
- Vendor
- Honeywell
- Product
- Experion PKS
- CVSS v3
- 9.1