PT-2020-16669 · Rockwell Automation · Factorytalk Linx

Published

2020-11-24

Updated

2020-11-30

CVE-2020-27255

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions FactoryTalk Linx versions 6.11 and prior

Description A heap overflow issue exists, allowing a remote, unauthenticated attacker to send malicious set attribute requests. This could result in the leaking of sensitive information, potentially leading to the bypass of address space layout randomization (ASLR).

Recommendations For versions 6.11 and prior, update to a version later than 6.11 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122

Related Identifiers

BDU:2025-07808

CVE-2020-27255

Affected Products

Factorytalk Linx

PT-2020-16669 · Rockwell Automation · Factorytalk Linx

CVE-2020-27255

Weakness Enumeration

Related Identifiers

Affected Products

References · 9