Lucene search
This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500418.NASLHistoryAug 10, 2021 - 12:00 a.m.
Rockwellautomation Factorytalk Improper Handling of Exceptional Conditions
2021-08-1000:00:00
This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
0.002 Low
EPSS
Percentile
52.6%
An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpy_s() if a local user opens FactoryTalk Diagnostics Viewer (FTDiagViewer.exe) to view the log entry. Observed in FactoryTalk Diagnostics 6.11. All versions of FactoryTalk Diagnostics are affected.
File data ot_500418.nasl| Vendor | Product | Version | CPE |
|---|---|---|---|
| rockwellautomation | factorytalk_diagnostics | * | cpe:2.3:a:rockwellautomation:factorytalk_diagnostics:*:*:*:*:*:*:*:* |
Related
nessus
nessus
Rockwell (CVE-2020-5807) (deprecated)
2022-02-07 00:00:00
prion
prion
Code injection
2020-12-29 16:15:00
cve
cve
CVE-2020-5807
2020-12-29 16:15:14
cvelist
cvelist
CVE-2020-5807
2020-12-29 15:18:35
nvd
nvd
CVE-2020-5807
2020-12-29 16:15:14
ics
ics
Rockwell Automation FactoryTalk Linx and FactoryTalk Services Platform
2021-01-28 12:00:00