Rockwellautomation Factorytalk Linx vulnerabilities
14 known vulnerabilities affecting rockwellautomation/factorytalk_linx.
Total CVEs
14
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH9MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-27251P2CRITICALCVSS 9.8≤ 6.11vVersion 6.11 and prior2020-11-26
CVE-2020-27251 [CRITICAL] CWE-122 CVE-2020-27251: A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerabil
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution.
nvd
CVE-2020-12001P2CRITICALCVSS 9.8v6.00v6.10+1 more2020-06-15
CVE-2020-12001 [CRITICAL] CWE-20 CVE-2020-12001: FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Componen
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later S
nvd
CVE-2020-5802P3HIGHCVSS 7.5≤ 6.112020-12-29
CVE-2020-5802 [HIGH] CWE-770 CVE-2020-5802: An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an unhandled exception, resulting in termination of RSLinxNG.exe. Observed in FactoryTalk 6.11. All versions of FactoryTalk Linx are affected.
nvd
CVE-2023-29464P3CRITICALCVSS 9.1v6.20v6.302023-10-13
CVE-2023-29464 [CRITICAL] CWE-20 CVE-2023-29464: FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor
FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. If the size is large enough, it causes communications over the common ind
nvd
CVE-2020-5801P3HIGHCVSS 7.5≤ 6.112020-12-29
CVE-2020-5801 [HIGH] CWE-755 CVE-2020-5801: An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that trig
An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that triggers an unhandled exception in CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected.
nvd
CVE-2025-7972P3CRITICALCVSS 9.1fixed in 6.502025-08-14
CVE-2025-7972 [CRITICAL] CWE-286 CVE-2025-7972: A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NO
A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.
nvd
CVE-2020-11999P3HIGHCVSS 8.1v6.00v6.10+1 more2020-06-15
CVE-2020-11999 [HIGH] CWE-20 CVE-2020-11999: FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Componen
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud,
nvd
CVE-2020-12003P3HIGHCVSS 7.5v6.00v6.10+1 more2020-06-15
CVE-2020-12003 [HIGH] CWE-22 CVE-2020-12003: FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Componen
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud,
nvd
CVE-2025-9067P3HIGHCVSS 7.8fixed in 6.502025-10-14
CVE-2025-9067 [HIGH] CWE-269 CVE-2025-9067: A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. Authen
A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. Authenticated attackers with valid Windows user credentials can initiate a repair and hijack the resulting console window. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and syst
nvd
CVE-2025-9068P3HIGHCVSS 7.8fixed in 6.502025-10-14
CVE-2025-9068 [HIGH] CWE-269 CVE-2025-9068: A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (
A security issue exists within the Rockwell Automation Driver Package x64 Microsoft Installer File (MSI) repair functionality, installed with FTLinx. Authenticated attackers with valid Windows Users credentials can initiate a repair and hijack the resulting console window for vbpinstall.exe. This allows the launching of a command prompt running with SYS
nvd
CVE-2020-27255P3HIGHCVSS 7.5≤ 6.11vVersion 6.11 and prior2020-11-26
CVE-2020-27255 [HIGH] CWE-122 CVE-2020-27255: A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerabil
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR).
nvd
CVE-2020-27253P3HIGHCVSS 7.5≤ 6.11vVersion 6.11 and prior2020-11-26
CVE-2020-27253 [HIGH] CWE-20 CVE-2020-27253: A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device.
nvd
CVE-2020-12005P3HIGHCVSS 7.5v6.00v6.10+1 more2020-06-15
CVE-2020-12005 [HIGH] CWE-434 CVE-2020-12005: FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Componen
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud
nvd
CVE-2020-5806P4MEDIUMCVSS 5.5≤ 6.112020-12-29
CVE-2020-5806 [MEDIUM] CWE-770 CVE-2020-5806: An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerMa
An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected.
nvd