CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-12033

HIGH
8.8
CVSS Severity Score
EPSS Score0.1600%
EPSS Percentile40.82th
Published2020年6月23日
Last Modified2024年11月21日

Vulnerability Description

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges.

Affected Platforms (CPE)

📦
Rockwellautomation

Factorytalk Services Platform

All versions

References & Advisories

🔗 https://www.us-cert.gov/ics/advisories/icsa-20-170-04
🔗 https://www.us-cert.gov/ics/advisories/icsa-20-170-04

関連する脆弱性情報

CVE-2020-1451610.0

In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of th...

CVE-2020-69679.8

In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, Factory...

CVE-2021-329608.5

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is enabled and deployed contains a vu...

CVE-2012-47137.8

Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR...