CVE-2020-27253
Description
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A remote, unauthenticated attacker can cause a denial-of-service condition on FactoryTalk Linx 6.11 and prior via a crafted packet due to improper input validation.
Vulnerability
The vulnerability is an improper input validation (CWE-20) in the Ingress/Egress checks routine of FactoryTalk Linx ([1]). Affected versions are 6.11 and prior. A remote, unauthenticated attacker can exploit this by sending a specially crafted network packet, leading to a denial-of-service condition ([1]).
Exploitation
An attacker does not require authentication or special privileges. The attack is performed remotely over the network by sending a malicious packet to the affected device. The advisory notes low skill level to exploit ([1]).
Impact
Successful exploitation results in a denial-of-service condition, making the device unavailable ([1]). The CVSS v3 base score is 8.6, with high availability impact and no confidentiality or integrity impact ([1]).
Mitigation
Rockwell Automation recommends upgrading to the latest version of FactoryTalk Linx ([1]). As of the advisory publication date (2020-11-26), no specific fixed version is mentioned, but users should apply any available patches. Workarounds include restricting network access to affected devices using firewalls or VPNs ([1]).
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- FactoryTalk Linx/FactoryTalk Linxdescription
- Range: <=6.11
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- us-cert.cisa.gov/ics/advisories/icsa-20-329-01mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.