PT-2020-12996 · Rockwell Automation · FactoryTalk View SE
Published: 2020-01-30 · Updated: 2022-04-25 · CVE-2020-12028
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
FactoryTalk View SEA remote versions (affected versions not specified)
FactoryTalk View SE versions (affected versions not specified)
Description
The issue allows an authenticated attacker to interact with data on a remote endpoint due to certain handlers not enforcing appropriate permissions. It is estimated that a significant number of devices may be affected, although the exact number is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the lack of permission enforcement in certain handlers.
Recommendations
For FactoryTalk View SEA remote, enable built-in security features and follow guidance in knowledge base articles 109056 and 1126943 to set up IPSec and/or HTTPS.
For FactoryTalk View SE, enable built-in security features and follow guidance in knowledge base articles 109056 and 1126943 to set up IPSec and/or HTTPS.
Exploit
Fix
Missing Authentication
Affected Products
FactoryTalk View SE