Vulnerabilities > Rockwellautomation > Factorytalk Linx
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-13 | CVE-2023-29464 | Out-of-bounds Write vulnerability in Rockwellautomation Factorytalk Linx 6.20/6.30 FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. | 9.1 |
| 2020-12-29 | CVE-2020-5806 | Allocation of Resources Without Limits or Throttling vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. | 5.5 |
| 2020-12-29 | CVE-2020-5802 | Allocation of Resources Without Limits or Throttling vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. | 7.5 |
| 2020-12-29 | CVE-2020-5801 | Improper Handling of Exceptional Conditions vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that triggers an unhandled exception in CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. | 7.5 |
| 2020-11-26 | CVE-2020-27255 | Unspecified vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. | 7.5 |
| 2020-11-26 | CVE-2020-27253 | Unspecified vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. | 7.5 |
| 2020-11-26 | CVE-2020-27251 | Unspecified vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. | 9.8 |
| 2020-06-15 | CVE-2020-12005 | Unrestricted Upload of File with Dangerous Type vulnerability in Rockwellautomation Factorytalk Linx and Rslinx Classic FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. | 7.5 |
| 2020-06-15 | CVE-2020-12003 | Path Traversal vulnerability in Rockwellautomation Factorytalk Linx and Rslinx Classic FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. | 7.5 |
| 2020-06-15 | CVE-2020-12001 | Improper Input Validation vulnerability in Rockwellautomation Factorytalk Linx and Rslinx Classic FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. | 9.8 |