Honeywell Multiple Products HscRemoteDepoy.dll ActiveX Control Arbitrary Code Execution

High Nessus Plugin ID 65656


The remote host has an ActiveX control installed that is affected by a remote code execution vulnerability.


The remote host has the Honeywell 'HscRemoteDeploy.dll' ActiveX control, which is affected by a vulnerability in the 'LaunchInstaller()' function that can be utilized to execute arbitrary code by tricking a victim into opening a specially crafted HTML document.


Disable the affected ActiveX control manually, or contact Honeywell for a fix that disables it.

See Also

Plugin Details

Severity: High

ID: 65656

File Name: scada_honeywell_hscremotedeploy_activex.nbin

Version: $Revision: 1.73 $

Type: local

Family: SCADA

Published: 2013/03/22

Modified: 2018/02/06

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:honeywell:enterprise_buildings_integrator

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/02/22

Vulnerability Publication Date: 2013/02/22

Exploitable With

Core Impact

Metasploit (Honeywell HSC Remote Deployer ActiveX Remote Code Execution)

Reference Information

CVE: CVE-2013-0108

BID: 58134

OSVDB: 90583

ICSA: 13-053-02, 13-053-02A