Experion pks

This hub aggregates every CVE we track for Experion pks, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Experion pks.

• CVE-2025-3947Integer underflow during processing of short network packets in CDA FTEB responder8.2Jul 10, 2025
• CVE-2025-3946Incorrect response generation during FTEB protocol processing8.2Jul 10, 2025
• CVE-2025-2523Lack of buffer clearing before reuse may result in incorrect system behavior.9.4Jul 10, 2025
• CVE-2025-2522Lack of buffer clearing before reuse may result in incorrect system behavior.6.5Jul 10, 2025
• CVE-2025-2521Lack of indexes’ validation against buffer borders leads to remote code execution.8.6Jul 10, 2025
• CVE-2025-2520Dereferencing of an uninitialized pointer leads to denial of service.7.5Jul 10, 2025
• CVE-2023-25948Server Data type confusion - info leak 7.5Jul 13, 2023
• CVE-2023-26597Controller DOS on sending error response7.5Jul 13, 2023
• CVE-2023-25770Controller stack overflow on decoding messages from the server9.8Jul 13, 2023
• CVE-2023-25178Controller design flaw - unsigned firmware9.8Jul 13, 2023
• CVE-2023-25078DoS due to heap overflow9.8Jul 13, 2023
• CVE-2023-24480Controller stack overflow when decoding messages from the server9.8Jul 13, 2023
• CVE-2023-24474Server deserialization missing boundary checks - heap overflow in communication between server and controller7.5Jul 13, 2023
• CVE-2023-23585Server DoS due to heap overflow9.8Jul 13, 2023
• CVE-2023-22435 Server bad parsing implementation - stack overflow in server::get_db_path_for_driver7.5Jul 13, 2023