838 matches found
CVE-2020-5801
An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that triggers an unhandled exception in CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affect...
CVE-2020-5801
Rockwell Automation FactoryTalk Linx (v6.x, observed in 6.11; all versions affected) is vulnerable to an unhandled exception in CFTLDManager::HandleRequest in RnaDaSvr.dll when processing a crafted OpenNamespace message to port 4241 with a valid session-id, causing RSLinxNG.exe termination and a ...
CVE-2020-5806
An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk...
CVE-2020-5806
CVE-2020-5806 affects Rockwell Automation’s FactoryTalk Linx (messaging.dll). The root cause is a vulnerability where an attacker-controlled memory allocation size can be passed to the C++ new operator in CServerManager::HandleBrowseLoadIconStreamRequest, exploitable by sending a crafted message ...
CVE-2020-5802
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an unhandled exception, resulting in termination of RSLinxNG.exe. Observed in FactoryTalk 6.11. All versions ...
CVE-2020-5802
CVE-2020-5802 affects Rockwell Automation FactoryTalk Linx (RSLinxNG.exe) via an attacker-controlled memory allocation size passed to the C++ new operator in RnaDaSvr.dll when a ConfigureItems message is sent to TCP port 4241. This unhandled exception can terminate RSLinxNG.exe, causing a denial-...
Rockwell Automation FactoryTalk Linx Code Issue Vulnerability
Rockwell Automation FactoryTalk Linx is a set of industrial communication solutions from Rockwell Automation. The product is primarily used to communicate between small applications and large automation systems, among others. A security vulnerability exists in FactoryTalk Linx, which can...
FactoryTalk Diagnostics All Security Vulnerabilities
Rockwell Automation FactoryTalk Diagnostics is a Rockwell Automation software program for diagnosing the status of equipment in industrial environments. The software is a subsystem of the FactoryTalk Industrial Architecture. A security vulnerability exists in all versions of FactoryTalk...
Metasploit Wrap-Up
Exploiting weak configurations. Community contributor Graeme Robinson added two modules targeting insecurely configured APIs, both of which lead to remote code execution. The first module exploits a lack of access control in Apache NiFi, which allows for the creation of an ExecuteProcess processo...
CVE-2020-27253
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device...
CVE-2020-27255
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to th...
CVE-2020-27251
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution...
Heap overflow
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to th...
Design/Logic Flaw
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device...
Heap overflow
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution...