As per an advisory published by Rockwell in December, Tenable’s cyber security researchers found a total of four DoS vulnerabilities, three impacting FactoryTalk Linx and one affecting the FactoryTalk Services Platform.
Two of the vulnerabilities affecting FactoryTalk Linx are caused by an unhandled exception in a DLL file, and they can allow an unauthenticated, remote attacker to cause a DoS condition by sending specially crafted packets that terminate the RSLinxNG.exe process. These issues tracked as CVE-2020-5801 and CVE-2020-5802 have been rated ‘high severity.’
The other vulnerability affecting FactoryTalk Linx is a buffer overflow in a DLL file, and it can result in a DoS condition by sending malicious packets that cause the RSLinxNG.exe process to terminate.
To Read More: securityweek