CVE-2020-27251

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1700%

EPSS Percentile8.22th

PublishedNov 26, 2020

Last ModifiedNov 21, 2024

Vulnerability Description

A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution.

Affected Platforms (CPE)

📦

Rockwellautomation

Factorytalk Linx

<= 6.11

References & Advisories

🔗 https://us-cert.cisa.gov/ics/advisories/icsa-20-329-01

Related Vulnerabilities

CVE-2020-120019.8

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and p...

CVE-2020-120348.2

Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versio...

CVE-2020-119998.1

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and p...

CVE-2018-106197.8

An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and ...