CVE-2020-5802
Published 2020-12-29
Priority: P3 · 56 · high
CVSS 3.1: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 38.83% (98.4th percentile)
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an unhandled exception, resulting in termination of RSLinxNG.exe. Observed in FactoryTalk 6.11. All versions of FactoryTalk Linx are affected.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwellautomation | factorytalk_linx | <= 6.11 | — |
CVSS provenance
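| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |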
GHSA
GHSA-43mv-m2vr-rqqc: An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr
ghsa_unreviewed · 2022-05-24
CVE-2020-5802 [HIGH] CWE-755
CISA ICS
Rockwell Automation FactoryTalk Linx and FactoryTalk Services Platform
cisa_ics · 2021-01-28 · CVSS 7.5 · HIGH
ICS Advisory
## Rockwell Automation FactoryTalk Linx and FactoryTalk Services Platform
Last Revised: January 28, 2021
Alert Code: ICSA-21-028-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Rockwell Automation
- Equipment: FactoryTalk Linx and FactoryTalk Services Platform
- Vulnerabilities: Classic Buffer overflow, Improper Check or Handling of Exceptional Conditions
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities may result in denial-of-service conditions.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCT
No detection rules found.
No public exploits indexed.
Published: 2020-12-29