Rewterz Threat Alert – (TA416) Using Golang PlugX Malware Loader
November 25, 2020Rewterz Threat Alert – APT-C-23 aka AridViper Active Again
November 25, 2020Rewterz Threat Alert – (TA416) Using Golang PlugX Malware Loader
November 25, 2020Rewterz Threat Alert – APT-C-23 aka AridViper Active Again
November 25, 2020Severity
High
Analysis Summary
CVE-2020-27253
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device.
CVE-2020-27251
A heap overflow vulnerability exists within FactoryTalk Linx. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution.
CVE-2020-27255
A heap overflow vulnerability exists within FactoryTalk Linx. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR).
Impact
- Denial of service
- Remote code execution
- Information disclosure
Affected Vendors
Rockwell Automation
Affected Products
FactoryTalk Linx: Version 6.11 and prior
Remediation
Rockwell Automation recommends users of the affected FactoryTalk Linx update to a fixed version.
FactoryTalk Linx v6.10/6.11