Vulnerability identifier: #VU28998

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-12005

CWE-ID: CWE-434

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
FactoryTalk Linx
Server applications / SCADA systems
RSLinx Classic
Server applications / SCADA systems

Vendor: Rockwell Automation

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to insufficient validation of file during file upload within the communication function. A remote attacker can upload a file with bad compression, consuming all the available CPU resources, leading to a denial-of-service condition.

The following products that utilize FactoryTalk Linx Software are affected:

• Connected Components Workbench: Version 12 and prior
• ControlFLASH: Version 14 and later
• ControlFLASH Plus: Version 1 and later
• FactoryTalk Asset Centre: Version 9 and later
• FactoryTalk Linx CommDTM: Version 1 and later
• Studio 5000 Launcher: Version 31 and later
• Studio 5000 Logix Designer software: Version 32 and prior

Mitigation
Install updates from vendor's website.

Vulnerable software versions

FactoryTalk Linx: 6.00 - 6.11

RSLinx Classic: 4.11.00

---

External links
http://ics-cert.us-cert.gov/advisories/icsa-20-163-02

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.