Honeywell ScanServer ActiveX Control Use-After-Free Vulnerability

April 13, 2011

The Honeywell ScanServer ActiveX control is prone to a remote code-execution vulnerability.

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage.

Successful exploits will allow the attacker to execute arbitrary code within the context of the application (typically Internet Explorer) that uses the ActiveX control.

Honeywell ScanServer ActiveX control 780.0.20.5 is vulnerable; other versions may also be affected.

ICS-CERT Advisories / Alerts

ICSA-11-103-01A
ICSA-11-103-01

Vendor Website (includes Patches / Hotfixes)

Vendor Website (general)
Vendor Update (current customers only)

Exploit Proof-of-Concept

No public exploit is currently available.

Common Vulnerabilities and Exposures (CVE) References

CVE-2011-0331

Additional Information

IBM Internet Security Systems ID #66181
Microsoft Security Advisory 2562937
Open-Source Vulnerability Database #71249
Secunia Advisory #43360
Secunia Research: Honeywell ScanServer ActiveX Control Use-After-Free Vulnerability
SecurityFocus Vulnerability Info and Exploit Bugtraq ID 46930
VUPEN Security Advisory ADV-2011-0725 (not publicly available)