Main Vulnerability Database Exploits ID:4863 - Exploit for Information disclosure in FactoryTalk View SE - CVE-2020-12027

ID:4863 - Exploit for Information disclosure in FactoryTalk View SE - CVE-2020-12027

Published: November 20, 2020

Vulnerability identifier: #VU29160

Vulnerability risk: Medium

CVE-ID: CVE-2020-12027

CWE-ID: CWE-200

Exploitation vector: Remote access

Vulnerable software:
FactoryTalk View SE

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/windows/scada/rockwell_factorytalk_rce

Vulnerability description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote authenticated attacker can gain unauthorized access to sensitive information on the system, such as the hostnames and file paths for certain files within the system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:4863 - Exploit for Information disclosure in FactoryTalk View SE - CVE-2020-12027

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human