CVE-2023-29464
published 2023-10-13


Priority: P357
Severity: critical, 9.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS: 9.60% (94.9th percentile)

FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size leaks data from memory, resulting in an information disclosure. If the size is large enough, communications over the Common Industrial Protocol (CIP) become unresponsive to any type of packet, resulting in a denial of service to FactoryTalk Linx over CIP.

Affected (4 ranges)

Vendor               Product            Version range   Fixed in
rockwell_automation  factorytalk_linx
rockwell_automation  factorytalk_linx
rockwellautomation   factorytalk_linx
rockwellautomation   factorytalk_linx