CVE-2020-12033

Summary

In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges.

Affected Software

VendorProductVersion RangeStatus
n/aRockwell Automation FactoryTalk Services PlatformAll Versionsaffected

Weaknesses

  • CWE-20: IMPROPER INPUT VALIDATION CWE-20

ADP Enrichment

CVE Program Container

Additional References

References