6.11

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

rockwellautomation

NVD

Published: 2020-11-26

Updated: 2024-11-21

Summary

A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR).

Vulnerable Configurations

Part	Description	Count
Application	Rockwellautomation Rockwellautomation Factorytalk Linx 6.00 Rockwellautomation Factorytalk Linx 6.10 Rockwellautomation Factorytalk Linx 6.11	3

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-329-01
https://us-cert.cisa.gov/ics/advisories/icsa-20-329-01