March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Alert – (TA416) Using Golang PlugX Malware Loader
November 25, 2020
Rewterz Threat Alert – APT-C-23 aka AridViper Active Again
November 25, 2020
Rewterz Threat Alert – (TA416) Using Golang PlugX Malware Loader
November 25, 2020
Rewterz Threat Alert – APT-C-23 aka AridViper Active Again
November 25, 2020
Severity
High
Analysis Summary
CVE-2020-27253
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device.
CVE-2020-27251
A heap overflow vulnerability exists within FactoryTalk Linx. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution.
CVE-2020-27255
A heap overflow vulnerability exists within FactoryTalk Linx. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR).
Impact
- Denial of service
- Remote code execution
- Information disclosure
Affected Vendors
Rockwell Automation
Affected Products
FactoryTalk Linx: Version 6.11 and prior
Remediation
Rockwell Automation recommends users of the affected FactoryTalk Linx update to a fixed version.
FactoryTalk Linx v6.10/6.11