VYPR

FactoryTalk Linx

by Rockwellautomation

CVEs (12)

  • CVE-2020-12001CriJun 15, 2020
    risk 0.65cvss 9.8epss 0.12

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2020-27251CriNov 26, 2020
    risk 0.64cvss 9.8epss 0.05

    A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution.

  • CVE-2023-29464HigOct 13, 2023
    risk 0.54cvss 8.2epss 0.10

    FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure.…

  • CVE-2020-11999HigJun 15, 2020
    risk 0.53cvss 8.1epss 0.03

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2020-12034HigMay 20, 2020
    risk 0.53cvss 8.2epss 0.01

    Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer…

  • CVE-2020-5802HigDec 29, 2020
    risk 0.52cvss 7.5epss 0.39

    An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an unhandled exception, resulting in termination of RSLinxNG.exe. Observed in FactoryTalk…

  • CVE-2020-5801HigDec 29, 2020
    risk 0.51cvss 7.5epss 0.25

    An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that triggers an unhandled exception in CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. Observed in FactoryTalk Linx 6.11. All versions of…

  • CVE-2020-27255HigNov 26, 2020
    risk 0.49cvss 7.5epss 0.03

    A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information…

  • CVE-2020-27253HigNov 26, 2020
    risk 0.49cvss 7.5epss 0.02

    A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device.

  • CVE-2020-12005HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.02

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2020-12003HigJun 15, 2020
    risk 0.49cvss 7.5epss 0.05

    FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx…

  • CVE-2020-12038MedMay 19, 2020
    risk 0.36cvss 5.5epss 0.03

    Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer…