November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Trickbot – IOCs
December 30, 2020Rewterz Threat Advisory – Apache Cassandra directory traversal
December 31, 2020Rewterz Threat Alert – Trickbot – IOCs
December 30, 2020Rewterz Threat Advisory – Apache Cassandra directory traversal
December 31, 2020
Severity
High
Analysis Summary
CVE-2020-5802
Rockwell Automation FactoryTalk is vulnerable to a denial of service, caused by an unhandled exception in RSLinxNG.exe when memory allocation size is passed to the C++ new operator in RnaDaSvr.dll. By sending a specially-crafted ConfigureItems message to TCP prot 4241, a remote attacker could exploit this vulnerability to cause RSLinxNG.exe to crash, and results in a denial of service condition.
Impact
Denial of service
Affected Vendors
Rockwell Automation
Affected Products
Rockwell Automation FactoryTalk Linx 6.11
Remediation
Users are advised to visit the following advised mitigations.
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129496