CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5806
https://notcve.org/view.php?id=CVE-2020-5806
An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected. Un tamaño de asignación de memoria controlado por el atacante puede ser pasado al nuevo operador de C++ en la función CServerManager::HandleBrowseLoadIconStreamRequest en la biblioteca messaging.dll. • https://www.tenable.com/security/research/tra-2020-71 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5802
https://notcve.org/view.php?id=CVE-2020-5802
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an unhandled exception, resulting in termination of RSLinxNG.exe. Observed in FactoryTalk 6.11. All versions of FactoryTalk Linx are affected. Un tamaño de asignación de memoria controlado por el atacante puede ser pasado al nuevo operador de C++ en la biblioteca RnaDaSvr.dll mediante el envío de un mensaje ConfigureItems especialmente diseñado hacia el puerto TCP 4241. • https://www.tenable.com/security/research/tra-2020-71 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-6111
https://notcve.org/view.php?id=CVE-2020-6111
An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and Series B FRN 10.000. A specially crafted packet can cause a major error, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability. Se presenta una vulnerabilidad explotable de denegación de servicio en la funcionalidad IPv4 de Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 y Series B FRN 10.000. Un paquete especialmente diseñado puede causar un error importante, resultando en una denegación de servicio. • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1057 https://us-cert.cisa.gov/ics/advisories/icsa-21-047-02 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27251
https://notcve.org/view.php?id=CVE-2020-27251
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution. Se presenta una vulnerabilidad de desbordamiento de la pila en FactoryTalk Linx Versiones 6.11 y anteriores. Esta vulnerabilidad podría permitir a un atacante remoto no autenticado enviar rangos de puertos maliciosos, lo que podría resultar en una ejecución de código remota • https://us-cert.cisa.gov/ics/advisories/icsa-20-329-01 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27255
https://notcve.org/view.php?id=CVE-2020-27255
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR). Se presenta una vulnerabilidad de desbordamiento de la pila en FactoryTalk Linx versiones 6.11 y anteriores. Esta vulnerabilidad podría permitir a un atacante remoto no autenticado enviar peticiones de atributos de configuración maliciosos, lo que podría resultar en un filtrado de información confidencial. • https://us-cert.cisa.gov/ics/advisories/icsa-20-329-01 • CWE-122: Heap-based Buffer Overflow •