2 matches found
Rockwell Automation FactoryTalk Insecure Deserialization (CVE-2020-6967)
An insecure deserialization vulnerability exists in Rockwell Automation FactoryTalk Diagnostics component. This vulnerability is due to insufficient validation of serialized data sent to RNADiagnosticsSrv endpoint...
(0Day) Rockwell Automation FactoryTalk RNADiagnosticsSrv Deserialization Of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RNADiagnosticsSrv endpoint, which listens on TCP port 8082 by defaul...