Honeywell Saia Burgess PG5 PCD

Monitor7.6ICS-CERT ICSA-22-207-03Jul 26, 2022

Attack VectorAdjacent

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Honeywell Saia Burgess PG5 PCD controllers are affected by weak authentication (CWE-288) and weak cryptography (CWE-327) vulnerabilities that allow unauthenticated network-adjacent attackers to modify controller configurations. Successful exploitation could allow configuration manipulation, affecting automation logic, process setpoints, and safety settings. All versions of the product are affected, and no vendor fix is planned. The advisory notes no known public exploits currently target these vulnerabilities.

What this means

What could happen

An attacker with access to the PG5 PCD's configuration interface could modify automation logic, process setpoints, or safety parameters, potentially disrupting water distribution, power generation, or other critical plant operations.

Who's at risk

Water authorities and municipal electric utilities operating Honeywell Saia Burgess PG5 PCD controllers in pump stations, treatment plants, substations, or any critical automation application. This includes legacy systems across all versions with no vendor fix available.

How it could be exploited

An attacker with network access to the PG5 PCD could bypass weak or missing authentication (CWE-288) and weak cryptography protections (CWE-327) to send malicious configuration commands to the controller. The attack requires network-adjacent access but no credentials or user interaction.

Prerequisites

Network adjacency to the PG5 PCD or a network path from an already-compromised OT device
No valid credentials required
PG5 PCD must be reachable on the network

Remotely exploitable over networkNo authentication required for exploitationLow attack complexityNo fix available from vendorAffects industrial controllers that manage critical processes

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (1)

ProductAffected VersionsFix Status

Saia Burgess PG5 PCD: All versionsAll versionsNo fix (EOL)

Remediation & Mitigation

0/5

Do now

0/3

HARDENINGIsolate PG5 PCD devices on a separate OT network segment with firewall rules that restrict inbound access to only authorized engineering workstations and control systems

HARDENINGDisable all unnecessary user accounts and services on PG5 PCD and restrict administrative access to named authorized personnel only

HARDENINGMonitor network traffic to and from PG5 PCD devices for unauthorized configuration commands or suspicious activity

Mitigations - no patch available

0/2

Saia Burgess PG5 PCD: All versions has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGImplement encryption and strong authentication controls at the OT/IT network boundary to prevent unauthorized access to controller configuration interfaces

HARDENINGApply defense-in-depth strategies including layered access controls, network segmentation, and continuous monitoring across all automation controller networks

CVEs (2)

CVE-2022-30319 CVE-2022-30320

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/2ac48565-2389-4039-b7cc-c960509ad072