CVE-2020-5806

Summary

An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affected.

Affected Software

VendorProductVersion RangeStatus
n/aRockwell FactoryTalk LinxAll versions of FactoryTalk Linxaffected

Weaknesses

  • Local Denial of Service

ADP Enrichment

CVE Program Container

Additional References

References