CVE-2020-12038
Description
Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and prior) is vulnerable. A memory corruption vulnerability exists in the algorithm that matches square brackets in the EDS subsystem. This may allow an attacker to craft specialized EDS files to crash the EDSParser COM object, leading to denial-of-service conditions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory corruption vulnerability in Rockwell Automation's EDS Subsystem (Version 28.0.1 and prior) allows an attacker to crash the EDSParser COM object via crafted EDS files, leading to denial-of-service.
Vulnerability
The vulnerability exists in the EDS Subsystem version 28.0.1 and prior, affecting several Rockwell Automation products: FactoryTalk Linx software (versions 6.00, 6.10, 6.11), RSLinx Classic (version 4.11.00 and prior), RSNetWorx software (version 28.00.00 and prior), and Studio 5000 Logix Designer software (version 32 and prior) [1]. It is a memory corruption issue (CWE-119) in the algorithm that matches square brackets within the EDS subsystem [1].
Exploitation
An attacker with low privileges and user interaction required (CVSS v3 vector: AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:H) can exploit this vulnerability by crafting specialized EDS files [1]. The attacker must be local to the system and convince a user to process the malicious file. The specific sequence involves providing a malformed EDS file that triggers improper bounds checking when square brackets are matched, corrupting memory [1].
Impact
Successful exploitation causes the EDSParser COM object to crash, resulting in a denial-of-service (DoS) condition [1]. The impact is limited to availability (high), with no confidentiality impact, low integrity impact, and a changed scope [1].
Mitigation
Rockwell Automation has not released a fix for this vulnerability in the available references [1]. No workarounds are mentioned in the advisory. Users are advised to follow the vendor's security guidelines and monitor for updates; the products may have reached end-of-life status for some versions, though this is not explicitly stated [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
5- EDS Subsystem/FactoryTalk Linx, RSLinx Classic, RSNetWorx, Studio 5000 Logix Designerdescription
- Range: <=6.11
- Range: <=28.00.00
- Range: <=32
- Range: <=4.11.00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.us-cert.gov/ics/advisories/icsa-20-140-01mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.