Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-5807

An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpy_s() if a local user opens FactoryTalk Diagnostics Viewer (FTDiagViewer.exe) to view the log entry. Observed in FactoryTalk Diagnostics 6.11. All versions of FactoryTalk Diagnostics are affected.

Published

2020-12-29T16:15:14.933

Last Modified

2024-11-21T05:34:37.977

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-755

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rockwellautomation	factorytalk_diagnostics	≤ 6.11	Yes

References

https://www.tenable.com/security/research/tra-2020-71 Third Party Advisory ([email protected])
https://www.tenable.com/security/research/tra-2020-71 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)