Memory Allocation Vulnerability in FactoryTalk Linx by Rockwell Automation
CVE-2020-5806

5.5MEDIUM

Key Information:

Vendor: Rockwellautomation
Status: Rockwell Factorytalk Linx
Vendor: CVE Published:; 29 December 2020

🔔 Create Rockwellautomation Vulnerability Alert

What is CVE-2020-5806?

A security flaw in FactoryTalk Linx allows an attacker to manipulate memory allocation sizes using the C++ new operator in messaging.dll. By sending a specially crafted message to the server at 127.0.0.1:7153, an attacker can exploit this vulnerability, impacting all versions of FactoryTalk Linx, including 6.11. This vulnerability could lead to potential application instability or unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Rockwell FactoryTalk Linx All versions of FactoryTalk Linx

References

https://www.tenable.com/security/research/tra-2020-71

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 29, 2020
Vulnerability Reserved
Jan 6, 2020

JSON

Rockwellautomation

What is CVE-2020-5806?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.