CyberSec.Space Logo
Back to CVE Browser

CVE-2020-6967

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0900%
EPSS Percentile4.34th
PublishedMar 23, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.

Affected Platforms (CPE)

📦
Rockwellautomation

Factorytalk Services Platform

All versions

References & Advisories

🔗 https://www.us-cert.gov/ics/advisories/icsa-20-051-02
🔗 https://www.us-cert.gov/ics/advisories/icsa-20-051-02

Related Vulnerabilities

CVE-2020-1451610.0

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of th...

CVE-2020-120338.8

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate s...

CVE-2021-329608.5

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vu...

CVE-2012-47137.8

Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR...